Category: Uncategorized

FinCEN Issues Final Rule on the Corporate Transparency Act Requiring Businesses to Report Beneficial Ownership Information

On September 30, 2022, the U.S. Financial Crimes Enforcement Network (“FinCEN”) published its final rule implementing Section 6403 of the Corporate Transparency Act (“CTA”). The final rule, which will take effect on January 1, 2024, will require “tens of millions” of companies doing business in the U.S. to report certain information about their beneficial owners. The reporting companies created or registered before January 1, 2024, will have until January 1, 2025, to file their initial beneficial ownership reports with FinCEN. Reporting companies created or registered on or after January 1, 2024, will be required to file initial beneficial ownership reports within 30 days of formation.

The CTA was passed by Congress on January 1, 2021, as part of the Anti-Money Laundering Act of 2020 in the National Defense Authorization Act for Fiscal Year 2021. After publishing a Notice of Proposed Rulemaking and receiving public comments, FinCEN adopted the proposed rule largely as proposed, with certain modifications intended to minimize unnecessary burdens on reporting companies.

What Entities are Reporting Companies? The final rule describes two types of reporting companies: domestic and foreign.

  • A domestic reporting company is any entity that is a corporation, a limited liability company, or other entity (such as limited liability partnerships, limited liability limited partnerships, business trusts, and most limited partnerships and business trusts) created by the filing of a document with a secretary of state or any similar office under the law of a state or American Indian tribe.

  • A foreign reporting company is any corporation, limited liability company, or other entity formed under the law of a foreign country and registered to do business in any state or tribal jurisdiction by the filing of a document with a secretary of state or any similar office under the law of a state or American Indian tribe.

What Entities are Exempt? The final rule exempts twenty-three separate categories of entities from the definition of the reporting company. Many of the exempted entities are already subject to federal or state regulations requiring disclosure of beneficial ownership information, such as banks, credit unions, depositary institutions, investment advisors, securities brokers and dealers, accounting firms, governmental entities, tax-exempt entities, and entities registered with the SEC under the Exchange Act of 1934. Additionally, the rules set forth an exemption for “large operating companies” that can demonstrate each of the following factors:

  • Employ more than 20 full-time employees in the U.S.

  • Have an operating presence at a physical office within the U.S.

  • Filed a federal income tax or information return in the U.S. for the previous year demonstrating more than $5 million in gross receipts or sales (excluding gross receipts or sales from sources outside the U.S.)

Finally, under the so-called “subsidiary exemption,” entities whose ownership interests are controlled or wholly owned by one or more exempt entities may also qualify for exemption. If a reporting company was formerly exempt but loses its exemption, it must file an updated report that announces the change and includes all the information required in a reporting company’s initial report.

Who are Beneficial Owners? The final rule requires reporting companies to report each individual who is a beneficial owner of such reporting company. A “beneficial owner” is any individual who, directly or indirectly, either exercises substantial control over the reporting company or owns or controls at least 25 percent of the ownership interests of the reporting company. An individual exercises “substantial control” if such individual:

  • Serves as a senior officer (except for corporate secretary or treasurer)

  • Has authority over the appointment or removal of any senior officer or a majority of the board of directors (or similar body)

  • Directs, determines, or has substantial influence over important decisions made by the reporting company

  • Has any other form of substantial control over the reporting company

Additionally, an individual may exercise substantial control over a reporting company, directly or indirectly, including as a trustee of a trust or similar arrangement, through:

  • Board representation

  • Ownership or control of a majority of the voting power or voting rights of the reporting company

  • Rights associated with any financing arrangement or interest in a company

  • Control over one or more intermediary entities that separately or collectively exercise substantial control over a reporting company

  • Arrangements or financial or business relationships, whether formal or informal, with other individuals or entities acting as nominees

  • Any other contract, arrangement, understanding, relationship, or otherwise

The final rule exempts five categories of individuals from the definition of beneficial owner: (i) minors, (ii) nominees, intermediaries, custodians, and agents, (iii) certain employees who are not senior officers, (iv) heirs with a future interest in the company, and (v) certain creditors.

Who are Company Applicants? In addition to the beneficial owner information, the final rule requires reporting companies created or registered on or after January 1, 2024, to report identifying information about each “company applicant.” A “company applicant” is:

  • Any individual who directly files the document to create a domestic reporting company or register a foreign reporting company with a secretary of state or similar office in the U.S.

  • Any individual who is primarily responsible for directing or controlling such filing if more than one individual is involved in the filing

The final rule provides further clarification as to certain individuals who, by virtue of their formation roles, fall under the definition of “company applicants.” For example:

  • If an attorney oversees the preparation and filing of incorporation documents and a paralegal files them, the reporting company would report both the attorney and paralegal as company applicants.

  • If an individual prepares and self-files documents to create the individual’s own reporting company, the reporting company would report the individual as the only company applicant.

The final rule removes the requirements that i) entities created before the effective date report company applicant information and ii) reporting companies update their company applicant information (except to correct inaccuracies), each of which were set forth in the proposed rules.

When are Initial Reports Due? When an initial report must be filed depends on the status of the reporting company as of January 1, 2024:

  • If Created or Registered on or after January 1, 2024 – It must file a report within 30 calendar days from the earlier of: i) the date on which the company receives actual notice that its creation or registration has become effective, or ii) the date a secretary of state or similar office first provides public notice, such as through a publicly accessible registry, that the company has been created or registered.

  • If Created or Registered Prior to January 1, 2024 – It must file a report not later than January 1, 2025.

What Information Must be Reported? An initial report must include the following information with respect to the reporting company:

  • The full legal name of the reporting company

  • Any trade name or “doing business as” name of the reporting company

  • The street address of the principal place of business of the reporting company (if outside the U.S., the street address of the primary location in the U.S. where it conducts business)

  • The state, tribal, or foreign jurisdiction of formation of the reporting company (a foreign reporting company must also report the state or tribal jurisdiction where it first registers)

  • The IRS Taxpayer Identification Number (“TIN”) of the reporting company (including the EIN of the reporting company, or if a foreign reporting company without a TIN, a tax identification number issued by a foreign jurisdiction and the name of such jurisdiction)

For each company applicant (of a reporting company registered or created on or after January 1, 2024) and each beneficial owner of a reporting company, the following information must be reported:

  • The full legal name of the individual

  • The date of birth of the individual

  • The current business street address (for a company applicant who forms or registers an entity in the course of such company applicant’s business) or residential street address (for all other individuals including beneficial owners)

  • A unique identifying number from, and image of, an acceptable identification document (e.g., a passport)

If a reporting company is directly or indirectly owned by one or more exempt entities and an individual is a beneficial owner of the reporting company exclusively by virtue of such individual’s ownership interest in the exempt entity, the reporting company’s report may list the name of the exempt entity in lieu of the beneficial ownership information set forth above.

When do Companies have to Report Changes? If there is any change with respect to required information previously submitted to FinCEN concerning a reporting company or its beneficial owners, including any change with respect to who is a beneficial owner or information reported for any particular beneficial owner, the reporting company is required to file an updated report within 30 calendar days of when the change occurred.

What are the Penalties for Violations? The final rule provides for a fine of up to $10,000.00 and/or imprisonment of up to two years for any person who willfully: (i) provides or attempts to provide false or fraudulent beneficial ownership information, or (ii) fails to report complete or updated beneficial ownership information to FinCEN. The penalties may also extend to individuals causing a reporting company’s failure to report or update information and senior officials of a reporting company at the time such failure occurs.

What is Coming Next from FinCEN? FinCEN is expected to publish the forms and instructions to be used for reporting beneficial ownership information well in advance of the effective date. FinCEN will further establish a secure nonpublic database for storage of the beneficial ownership information. Finally, FinCEN will issue rules on who may access the information (a limited group of governmental authorities and financial institutions), under what circumstances, and how the parties would generally be required to handle and safeguard the information.

What Should Reporting Companies be Doing Now? Existing companies should begin evaluating whether they are a “reporting company” and if so, determining who are their beneficial owners. Such reporting companies, including any other reporting companies that may be created or registered before the effective date, will have until January 1, 2025, to file an initial report. As noted, reporting companies created or registered on or after the effective date will have 30 calendar days after the date of creation or registration to file an initial report.

Article By Thomas G. Appleman, Arthur L. Griem, and Vera S. Hansen of Miller Canfield

For more financial legal news, click here to visit the National Law Review.

© 2022 Miller, Canfield, Paddock and Stone PLC

Throwing Out the Privacy Policy is a Bad Idea

The public internet has been around for about thirty years and consumers’ browser-based graphic-heavy experience has existed for about twenty-five years. In the early days, commercial websites operated without privacy policies.

Eventually, people started to realize that they were leaving trails of information online, and in the early ‘aughts the methods for business capturing and profiting from these trails became clear, although the actual uses of the data on individual sites was not clear. People asked for greater transparency from the sites they visited online, and in response received the privacy policy.

A deeply-flawed instrument, the website privacy policy purports to explain how information is gathered and used by a website owner, but most such policies are strangely both imprecise and too long, losing the average reader in a fog of legalese language and marginally relevant facts. Some privacy policies are intentionally obtuse because it doesn’t profit the website operator to make its methods obvious. Many are overly general, in part because the website company doesn’t want to change its policy every time it shifts business practices or vendor alliances. Many are just messy and poorly written.

Part of the reason that privacy policies are confusing is that data privacy is not a precise concept. The definition of data is context dependent. Data can mean the information about a transaction, information gathered from your browser visit (include where you were before and after the visit), information about you or your equipment, or even information derived by analysis of the other information. And we know that de-identified data can be re-identified in many cases, and that even a collection a generic data can lead to one of many ways to identify a person.

The definition of data is context dependent.

The definition of privacy is also untidy. An ecommerce company must capture certain information to fulfill an online order. In this era of connected objects, the company may continue to take information from the item while the consumer is using it. This is true for equipment from televisions to dishwashers to sex toys. The company likely uses this information internally to develop its products. It may use the data to market more goods or services to the consumer. It may transfer the information to other companies so they can market their products more effectively. The company may provide the information to the government. This week’s New Yorker devotes several pages to how the word “privacy” conflates major concepts in US law, including secrecy and autonomy,1 and is thus confusing to courts and public alike.

All of this is difficult to reflect in a privacy policy, even if the company has incentive to provide useful information to its customers.

Last month the Washington Post ran an article by Geoffrey Fowler that was subtitled “Let’s abolish reading privacy policies.” The article notes a 2019 Pew survey claiming that only 9 percent of Americans say they always read privacy policies. I would suggest that more than half of those Americans are lying. Almost no one always reads privacy policies upon first entering a website or downloading an app. That’s not even really what privacy policies are for.

Fowler shows why people do not read these policies. He writes, “As an experiment, I tallied up all of the privacy policies just for the apps on my phone. It totaled nearly 1 million words. “War and Peace” is about half as long. And that’s just my phone. Back in 2008, Lorrie Cranor, a professor of engineering and public policy at Carnegie Mellon University, and a colleague estimated that reading and consenting to all the privacy policies on websites Americans visit would take 244 hours per year.”

The length, complexity and opacity of online privacy policies are concerning. The best alleviation for this concern would not be to eliminate privacy policies, but to make them less instrumental in the most important decisions about descriptive data.

Limit companies’ use of data and we won’t need to fight through their privacy options.

Website owners should not be expected to write out privacy policies that are both sufficiently detailed and succinctly readable so that consumers can make meaningful choices about use of the data that describes them. This type of system forces a person to be responsible for her own data protection and takes the onus off of the company to limit its use of the data. It is like our current system of waste recycling – both ineffective and supported by polluters, because rather than forcing manufacturers to use more environmentally friendly packaging, it pushes consumers to deal with the problem at home, shifting the burden from industry to us.  Similarly, if the legislatures provided a set of simple rules for website operators – here is what you are allowed to do with personal data, and here is what you are not allowed to do with it – then no one would read privacy policies to make sure data about our transactions was spared the worst treatment. The worst treatment would be illegal.

State laws are moving in this direction, providing simpler rules restricting certain uses and transfers of personal data and sensitive data. We are early in the process, but if the trend continues regarding omnibus state privacy laws in the same manner that all states eventually passed data breach disclosure laws, then we can be optimistic and expect full coverage of online privacy rules for all Americans within a decade or so. But we shouldn’t need to wait for all states to comply.

Unlike the data breach disclosure laws which encourage companies to comply only with the laws relevant to their particular loss of data, omnibus privacy laws affect the way companies conduct the normal course of everyday business, so it will only take requirements in a few states before big companies start building their privacy rights recognition functions around the lowest common denominator. It will simply make economic sense for businesses to give every US customer the same rights as most protective state provides its residents. Why build 50 sets of rules when you don’t need to do so? The cost savings of maintaining only one privacy rights-recognition system will offset the cost of providing privacy rights to people in states who haven’t passed omnibus laws yet.

This won’t make privacy policies any easier to read, but it will become less important to read them. Then privacy policies can return to their core function, providing a record of how a company treats data. In other words, a reference document, rather than a set of choices inset into a pillow of legal terms.

We shouldn’t eliminate the privacy policy. We should reduce the importance of such polices, and limit their functions, reducing customer frustration with the privacy policy’s role in our current process. Limit companies’ use of data and we won’t need to fight through their privacy options.

ENDNOTES

1 Privacy law also conflates these meanings with obscurity in a crowd or in public.

Article By Theodore F. Claypoole of Womble Bond Dickinson (US) LLP

For more privacy and cybersecurity legal news, click here to visit the National Law Review.

Copyright © 2022 Womble Bond Dickinson (US) LLP All Rights Reserved.

Medicare Advantage: OIG Report Finds Improper Denials

On April 27,2022, the Office of Inspector General of the Department of Health and Human Services (OIG), Office of Evaluations and Inspections, issued a report on the performance of Medicare Advantage Organizations (MAOs) in approving care and payment consistently with Medicare coverage rules. In its review, OIG found that 13% of MAO denials of prior authorization requests should have been approved and that 18% of payment requests from providers were improperly denied. OIG also made a number of recommendations to the Center of Medicare and Medicaid Services (CMS) with respect to its oversight of MAOs.

Purpose and Method of the Study

OIG undertook the study to assess whether MAOs are appropriately providing access to medically necessary services and making payment to providers consistently with Medicare coverage rules. Since CMS pays MAOs principally by capitation, MAOs have a potential incentive to increase their profits by denying access to care of beneficiaries or by denying payments to providers. CMS’s annual audits of MAOs have indicated some persistent problems related to inappropriate denials of service and payment. As enrollment in Medicare Advantage continues to grow, OIG viewed it as important to ensure that medically necessary care is provided and that providers are paid appropriately.

OIG conducted the review by randomly selecting 250 denials of prior authorization requests and 250 payment request denials by 15 of the largest MAOs during a week in June of 2019. OIG had coding experts review the cases and had physician reviewers examine the medical records. Based on these reviews, OIG estimated the rates at which MAOs issued denials of services or payment that met Medicare coverage rules and MAO billing rules. OIG also examined the reasons for the inappropriate denials and the types of services involved.

Standards

MAOs must cover items and services included in fee-for-service Medicare, and may also elect to include additional items and services. MAOs are required to follow Medicare coverage rules that define what items and services are covered and under what circumstances. As the OIG states in the Report, MAOs “may not impose limitations – such as waiting periods or exclusions from coverage due to pre-existing conditions — that are not present in original Medicare.” In following Medicare coverage rules, MAOs are permitted to use additional denial criteria that were not developed by Medicare when they are deciding to authorize or pay for a service, provided the clinical criteria are “no more restrictive than original Medicare national and local coverage policies.” MAOs may also have their own billing and payment procedures, provided all providers are paid accurately, timely, and with an audit trial.

MAOs utilize prior authorization requests before care is furnished to manage care and payment requests from providers to approve payment for services provided. Beneficiaries and providers may appeal such decisions, and beneficiaries and providers are successful in many of the appeals (for a one-time period, as many as 75% of the appeals were granted).

Findings

Prior Authorization Denials

In the study, OIG found that 13% of prior authorization denials were for services that met Medicare coverage rules, thus delaying or denying care that likely should have been approved. MAOs made many of the denials by applying MAO clinical criteria that are not part of Medicare coverage rules. As an example, a follow-up MRI was denied for a beneficiary who had an adrenal lesion that was 1.5 cm in size, because the MAO required the beneficiary to wait one year for such lesions that are under 2 cm in size. OIG’s experts found such a requirement was not contained in Medicare coverage rules and was therefore inappropriate. Rather, the MRI was medically necessary to determine if the lesion was malignant.

OIG also found instances where MAOs requested further documentation that led to a denial of care when it was not furnished, as such additional documentation was not required to determine medical necessity. OIG’s reviewers found that either sufficient clinical information was in the medical record to authorize the care or the documentation requested was already contained in the medical record.

Payment Denials

OIG found in the study that 18% of payment denials fully met Medicare coverage rules and MAO payment policies. As a result of these denials, payment was delayed or precluded for services that should have been paid.

OIG found that common reasons for these inappropriate payment denials were human error in conducting manual reviews (for example, the reviewer not recognizing that a skilled nursing facility (SNF) was an in-network provider), and inaccurate programming.

OIG also found that advanced imaging services (including MRIs and CT scans), stays in post-acute facilities (including SNFs and inpatient rehabilitation facilities), and injections were the services that were most prominent in the inappropriate denials that should have been authorized for care and payment in accordance with Medicare coverage rules.

OIG Recommendations

Based on the study, OIG recommended that:

  • CMS should issue new guidance on both the appropriate and inappropriate use of MAO clinical criteria that are not contained in Medicare coverage rules. In particular, OIG recommended that CMS should more clearly define what it means when it states that MAO clinical criteria may not be “more restrictive” than Medicare coverage rules.

  • CMS should update its audit protocols to address issues identified in the report such as MAO use of clinical criteria and/or examine particular service types that led to more denials. OIG suggests CMS should consider enforcement actions for MAOs that demonstrate a pattern of inappropriate payment denials.

  • CMS should direct MAOs to identify and address the reasons that led to human errors.

CMS reviewed the OIG report and concurred with each of OIG’s recommendations. Those recommendations can affect future coverage decisions as well as utilization of prior authorization tools. AHIP, a national association of health care insurers, challenged the OIG’s sample size as inappropriate to support the agency’s conclusions, and defended prior authorization tools.

Takeaways

Given CMS’s concurrence with the report’s findings, we recommend that MAOs track these issues over the next several months in advance of CMS’s Final Rate Announcement for CY 2024.

MAOs should also be aware of potential False Claims Act (FCA) exposure in this area. FCA exposure can arise when a company seeks and receives payments despite being out of compliance with the basic terms for its participation. If an MAO knew it was denying claims that should be paid because they would be covered under traditional Medicare, but the MAO was still collecting full capitation, it is possible that a whistleblower or the government may pursue FCA liability. This risk warrants attention because whistleblowers can bring qui tam suits under the FCA, with resulting high costs for defense and potentially high penalties if a violation is proven (or settled to avoid further litigation). That said, an FCA suit based on this theory would raise serious questions, including whether any non-payment actually met the FCA’s “knowingly” standard (which includes reckless disregard), or whether any non-payment met the materiality threshold necessary to demonstrate a violation of the FCA.

Article By Alexis Finkelberg Bortniker, C. Frederick Geilfuss II, Matthew D. Krueger, Maureen F. Kwiecinski, and Kinal M. Patel at Foley & Lardner LLP

For more health law and managed care news, click here to visit the National Law Review.

© 2022 Foley & Lardner LLP

Six Things to Know About New York’s New Employer Notification Requirements for Electronic Monitoring of Employees

Under an amendment to the New York Civil Rights Law that will take effect on May 7, 2022, private-sector employers that monitor their employees’ use of telephones, emails, and the internet must provide notice of such monitoring. The following provides highlights of the new law.

Question 1. Which employers and electronic monitoring activities are covered?

Answer 1. The law applies to any private individual or entity with a place of business in New York, and it broadly covers “telephone conversations or transmissions, electronic mail or transmissions, or internet access or usage by an employee by any electronic device or system, including but not limited to the use of a computer, telephone, wire, radio, or electromagnetic, photoelectronic or photo-optical systems [that] may be subject to monitoring.”

Q2. Are any electronic monitoring activities exempted from coverage?

A2. The law does not cover processes “designed to manage the type or volume of incoming or outgoing electronic mail or telephone, voice mail or internet usage,” and it also does not apply to processes “that are not targeted to monitor or intercept the electronic mail or telephone voice mail or internet usage of a particular individual.” The law also exempts processes that are “performed solely for the purpose of computer system maintenance and/or protection.”

Q3. What are some of the law’s compliance obligations?

A3. Private-sector employers that “monitor[] or otherwise intercept[] [employee] telephone conversations or transmissions, electronic mail or transmissions, or internet access or usage” must post a notice of electronic monitoring in a “conspicuous place which is readily available for viewing” by affected employees. Employers also must furnish new employees with written notice when they are hired. The law requires that newly hired employees acknowledge receipt of the notice, “either in writing or electronically.”

Q4. What information must be included in the notices?

A4. Under the law, employers are required to notify employees that “any and all telephone conversations or transmissions, electronic mail or transmissions, or internet access or usage by an employee by any electronic device or system” may be subject to monitoring “at any and all times and by any lawful means.” The law requires that the written notice advise employees that the electronic devices or systems that may be subject to monitoring include, but are not limited to, “computer, telephone, wire, radio or electromagnetic, photoelectronic or photo-optical systems.”

Q5. What are the penalties for violations of the law?

A5. The law provides for the imposition of civil penalties for violations of its requirements. Employers found to be in violation of the law are subject to civil penalties of $500 for a first offense, $1,000 for a second offense, and $3,000 for a third offense and for each subsequent offense. The Office of the New York State Attorney General will enforce the law.

Q6. Are there similar requirements in other jurisdictions?

A6. Connecticut and Delaware also require employers to provide notification of electronic monitoring. As the requirements of these laws vary slightly from New York’s law, employers doing business in either or both of these states and in New York may wish to consider whether to adopt a single approach, or adopt approaches tailored to each jurisdiction’s requirements.

Key Takeaways

New York employers that have not already taken action to comply with this new law may wish to consider whether to post physical notices in the workplace or utilize electronic postings that are visible upon logging in to the employer’s computer, or both.

Employers may also wish to determine how to incorporate the required notice to new employees in their new-hire and onboarding systems. Employers that address electronic monitoring in existing policies may also wish to review the existing policies to ensure that the information in those policies is consistent with the nature of the notification required by the new law, and update existing policies if warranted.

Employers may also wish to consider whether to obtain written or electronic acknowledgments of electronic monitoring from current employees. In addition, employers may wish to evaluate the potential for challenges to the use of information obtained through electronic monitoring absent compliance with the notice requirements.

© 2022, Ogletree, Deakins, Nash, Smoak & Stewart, P.C., All Rights Reserved.
For more articles about labor laws, visit the NLR Labor & Employment section.

Feeling Thirsty? Wall Street, Industry Giants Stir Renewed Interest in the CBD-Beverage Market

For several years, industry giants such as Coca-ColaPepsiCo, and Anheuser-Busch have made waves announcing future plans to explore the CBD-beverage market. And last week, Nasdaq published an article on the future of investment opportunities in cannabis-infused drinks. Perhaps most notable from the article was Nasdaq’s expected valuation for the CBD beverage market — a staggering $1.4 billion by 2023.

While it is true that certain investors are seeing green in the CBD-beverage market, the space is still plagued by a landmine of legal uncertainty and questions. Hemp-derived CBD was legalized at the federal level by the Agriculture Improvement Act of 2018, also known as the Farm Bill. However, as we previously discussed, the FDA and FTC have overlapping enforcement authority over the marketing of CBD products, which can include anything from food products to dietary supplements to beverages with CBD added. And as recently as November 16, 2021, the FDA reiterated that its approach to regulating the CBD industry will be same as it has been  — a regulatory minefield. The acting Deputy Center Director for Regulatory Policy at the FDA’s Center for Drug Evaluation and Research recently emphasized the agency’s position that it needs additional CBD research and safety data before it will consider CBD for uses beyond prescription drugs, including usage as a food or beverage additive or dietary supplement.

Companies marketing CBD beverages should take careful steps to ensure compliance with the FDA’s labeling requirements and guidance regarding CBD products. Unless and until the FDA provides further guidance, we can expect the back-and-forth game to continue with CBD companies entering the beverage space and the FDA initiating periodic enforcement actions. At a minimum, CBD companies entering the beverage space should refrain from making health claims, such as a product “can prevent, treat, or cure” a disease, as these claims are ripe for FDA enforcement actions. We provided several marketing dos and don’ts in a previous blog post that apply with equal force to the CBD beverage industry.

With industry experts claiming that the “best way to consume cannabinoids is through a beverage,” and Nasdaq reporting on the investment opportunities that surround CBD beverages, it is no surprise that CBD beverages are exploding in popularity.

© 2022 Bradley Arant Boult Cummings LLP

Article By Rachel L. Sodée and Richard W. F. Swor of Bradley Arant Boult Cummings LLP

For more articles on CBD, visit the NLR Biotech, Food, Drug section.

Federal Reserve System Takes First Step Toward Creating Its Own Digital Currency

On Jan. 20, 2022, the Board of Governors of the Federal Reserve System (Fed) issued the Money and Payments: The U.S. Dollar in the Age of Digital Transformation paper (Paper) to discuss how a potential U.S. central bank digital currency (CBDC) could improve the U.S. domestic payments system. The Paper covers: (1) the existing forms of money in the United States; (2) the current state of the U.S. payment system and its relative strengths and challenges; (3) the various digital assets that have emerged in recent years, including stablecoins and other cryptocurrencies; and (4) the pros and cons of a U.S. CBDC. This GT Alert summarizes each of these items.

The Fed is welcoming comments in response to the Paper by issuing 20 questions covering the subject. Answers to such questions must be provided by May 20, 2022, on the Fed’s CBDC Feedback Form. It is not a requirement that all questions be answered.

The Existing Forms of Money in the United States

As a means of payment, store of value, or unit of account, money takes multiple forms in the United States:

  • Central Bank Money: A liability of the central bank that serves as the foundation of the financial system and the overall economy. In the United States, central bank money comes in the form of physical currency issued by the Fed and digital balances held by commercial banks at the Fed.
  • Commercial Bank Money: The digital form of money most commonly used by the public. Commercial bank money is held in accounts at commercial banks.
  • Nonbank Money: Digital money held as balances at nonbank financial service providers (e.g., financial technology firms). These firms typically conduct balance transfers on their own books using a range of technologies, including mobile apps.

In the Paper, the Fed explains the downsides of Commercial Bank Money, which has little credit or liquidity risk due to (i) federal deposit insurance, (ii) the supervision and regulation of commercial banks, and (iii) commercial banks’ access to central bank liquidity, and of nonbank money, which lacks the full range of protections of commercial bank money and therefore generally carries more credit and liquidity risk. Conversely, the Fed explains, central bank money carries neither credit nor liquidity risk of the other two forms of money and is therefore considered by the Fed the safest form of money.

Recent Improvements to the U.S. Payment System

The U.S. payment system connects a broad range of financial institutions, households, and businesses. Most payments in the United States rely on interbank payment services—such as the ACH network or wire-transfer systems—to move money from a sender’s account at one bank to a recipient’s account at another bank. Interbank payment systems may initially settle in commercial bank money, or in central bank money, depending on their design. However, because central bank money has no credit or liquidity risk, central bank payment systems tend to underpin interbank payments and serve as the backbone of the broader payment system.

Recent improvements to the U.S. payment system have focused on making payments faster, cheaper, more convenient, and more accessible. A host of consumer-focused services accessible through mobile devices have made digital payments faster and more convenient. However, some of these new payment services, the Fed explains, could pose financial stability, payment system integrity, and other risks. For example, if the growth of nonbank payment services were to cause a large-scale shift of money from commercial banks to nonbanks, it could introduce run risk or other instabilities to the financial system resulting from the lack of equivalent protections that come with commercial bank money.

The Innovations of Digital Assets

Following the recent improvements to the U.S. payment system summarized above, the Fed recognizes that technological innovation has ushered in a wave of digital assets with money-like characteristics (i.e., cryptocurrencies). Cryptocurrencies arose from a combination of cryptographic and distributed ledger technologies, which together provide a foundation for decentralized, peer-to-peer payments. As a more recent incarnation of cryptocurrencies, stablecoins (digital assets backed by other assets such as fiat currency) are emerging as the favored method used today to facilitate trading of other digital assets, and many firms are exploring ways to promote stablecoins as a widespread means of payment.

The Fed, along with other U.S. banking regulators, has expressed concerns and called for regulatory action with respect to cryptocurrencies, particularly stablecoins, in the President’s Working Group on Financial Markets Report, covered in this November 2021 GT Alert.

Central Bank Digital Currency (CBDC)

In reacting to the rapidly changing landscape of digital assets in the United States, the Fed is considering how a CBDC might fit into the U.S. money and payments landscape.

Today, Fed notes (i.e., physical currency) are the only type of central bank money available to the general public, but a U.S. CBDC would enable the general public to make digital payments without requiring mechanisms to maintain public confidence like deposit insurance, and it would not depend on backing by an underlying asset pool to maintain its value. According to the Fed, a CBDC would be the safest digital asset available to the general public, with no associated credit or liquidity risk.

In the Paper, the Fed states that a U.S. CBDC, if one were created, would best serve the needs of the United States by being:

  • Privacy-protected: Any CBDC would need to strike an appropriate balance between safeguarding the privacy rights of consumers and affording the transparency necessary to deter criminal activity.
  • Intermediated: Under an intermediated model, the private sector would offer accounts or digital wallets to facilitate the management of CBDC holdings and payments. Potential intermediaries could include commercial banks and regulated nonbank financial service providers and would operate in an open market for CBDC services. Although commercial banks and nonbanks would offer services to individuals to manage their CBDC holdings and payments, the CBDC itself would be a liability of the Fed. An intermediated model would facilitate the use of the private sector’s existing privacy and identity-management frameworks; leverage the private sector’s ability to innovate; and reduce the prospects for destabilizing disruptions to the well-functioning U.S. financial system.
  • Transferable: For a CBDC to serve as a widely accessible means of payment, it would need to be readily transferable between customers of different intermediaries.
  • Identity-verified: Financial institutions in the United States are subject to robust rules designed to combat money laundering and the financing of terrorism. A CBDC would need to be designed to comply with these rules. In practice, this would mean that a CBDC intermediary would need to verify the identity of a person accessing CBDC, just as banks and other financial institutions currently verify the identities of their customers.

The Fed intends a potential U.S. CBDC to be used in transactions that would be final and completed in real time, allowing users to make payments to one another using a risk-free asset. Moreover it is intended that individuals, businesses, and governments would potentially use a U.S. CBDC to make basic purchases of goods and services or pay bills, and the U.S. government could use a CBDC to collect taxes or make benefit payments directly to citizens.

Potential Benefits of a U.S. CBDC

As highlighted by the Fed, the potential benefits of a U.S. CBDC are:

  • Meeting future needs and demands for payment services: According to the Fed, a U.S. CBDC would safely meet future needs and demands for payment services by offering the general public broad access to digital money free from credit risk and liquidity risk.
  • Improvements to cross-border payments: In the Paper, the Fed explains that a U.S. CBDC would improve cross-border payments by using new technologies, introducing simplified distribution channels, and creating additional opportunities for cross-jurisdictional collaboration and interoperability. However, realizing these potential improvements would require significant international coordination to address issues such as common standards and infrastructure, legal frameworks, preventing illicit transactions, and the cost and timing of implementation.
  • The dollar’s international role: The Fed expects that a U.S. CBDC would support the U.S. dollar’s international role because, in a world where foreign countries and currency unions may have introduced their own CBDCs, which could lead to a decrease in the use of the U.S. dollar, a U.S. CBDC might help preserve the international role of the dollar.
  • Financial inclusion: Promoting financial inclusion—particularly for economically vulnerable households and communities— by, among other benefits: (i) providing access to digital payments; (ii) enabling rapid and cost-effective payment of taxes; and (iii) enabling rapid and cost-effective delivery of wages, tax refunds, and other federal payments.

Potential Risks and Policy Considerations for a U.S. CBDC

Conversely, the potential risks and policies considerations of a U.S. CBDC are:

  • Financial-sector market structure: A U.S. CBDC could fundamentally change the structure of the U.S. financial system, altering the roles and responsibilities of the private sector and the central bank. For example, a widely available U.S. CBDC would serve as a close substitute for commercial bank money. This substitution effect could reduce the aggregate amount of deposits in the banking system and potentially reduce credit availability or raise credit costs for households and businesses. Similarly, an interest-bearing CBDC could result in a shift away from other low-risk assets, such as shares in money market mutual funds, Treasury bills, and other short-term instruments. A shift away from these other low-risk assets could reduce credit availability or raise credit costs for businesses and governments.
  • Safety and stability of the financial system: The safety and stability of the financial system could be affected by a U.S. CBDC because the ability to quickly convert other forms of money—including deposits at commercial banks—into CBDC could make runs on financial firms more likely or more severe. Traditional measures such as prudential supervision, government deposit insurance, and access to central bank liquidity may be insufficient to stave off large outflows of commercial bank deposits into CBDC in the event of financial panic.
  • Consumer privacy: A general-purpose CBDC would generate data about users’ financial transactions in the same ways that commercial bank and nonbank money generates such data today. In the intermediated CBDC model that the Fed would consider, intermediaries would address privacy concerns by leveraging their existing tools.
  • Prevention of financial crimes: Financial institutions must comply with a robust set of rules designed to combat money laundering and the financing of terrorism, including customer due diligence, recordkeeping, and reporting requirements. Any U.S. CBDC would need to be designed in a manner that facilitates compliance with these rules by involving private-sector partners with established programs to help ensure compliance with these rules.
  • Operational resilience and cybersecurity: Threats to existing payment services—including operational disruptions and cybersecurity risks— would apply to a U.S. CBDC as well. Any dedicated infrastructure for a U.S. CBDC would need to be resilient to such threats, and the operators of the U.S. CBDC infrastructure would need to remain vigilant as bad actors employ ever more sophisticated methods and tactics. Many digital payments today cannot be executed during natural disasters or other large disruptions, and affected areas must rely on in-person cash transactions and central banks are currently researching whether offline CBDC payment options would be feasible.
  • Efficacy of monetary policy implementation: Under the current “ample reserves” monetary policy regime, the Fed exercises control over the level of the federal funds rate and other short-term interest rates primarily through the setting of the Fed’s administered rates. In this framework, the introduction of a U.S. CBDC could affect monetary policy implementation and interest rate control by altering the supply of reserves in the banking system. In the case of a noninterest-bearing U.S. CBDC, the level and volatility of the public’s demand for U.S. CBDC might be comparable to other factors that currently affect the quantity of reserves in the banking system, such as changes in physical currency or overnight repurchase agreements. In this case, a decline in U.S. CBDC that resulted in a corresponding increase in reserves likely would only make reserves more ample and have little effect on the federal funds rate.

Conclusion

While the Paper examines the potential benefits and risks of a U.S. CBDC, it is not intended to advance any specific policy outcome, nor is it intended to signal that the Fed will make any imminent decisions about the appropriateness of issuing a U.S. CBDC. However, the Paper undoubtedly is the Fed’s first step toward central bank digital currencies via a public discussion with its stakeholders.

As previously indicated, the FED is accepting comments in response to the Paper until May 20, 2022, through the FED’s CBDC Feedback Form.

©2022 Greenberg Traurig, LLP. All rights reserved.

Article By Carl A. Fornaris, Barbara A. Jones, Marina Olman-Pal and Claudio J. Arruda of Greenberg Traurig, LLP

For more articles on digital currency, visit the NLR Communications, Media & Internet section.

NYC Announces Private-Sector Vaccine Mandate

On December 6, 2021, outgoing New York City Mayor Bill de Blasio announced major expansions to New York’s “Key to NYC” program, which was implemented through Emergency Executive Order 225 and became effective on August 17, 2021. The mayor also announced a first-in-the-nation vaccination mandate for private-sector workers in New York City, which is set to take effect on December 27, 2021. Additional guidance on these expansive mandates is expected on December 15, 2021.

Private-Sector Vaccine Mandate

The mayor has announced that New York City will implement a “first-in-the-nation,” vaccine mandate for private-sector workers. The mandate is currently set to take effect on December 27, 2021. The mayor estimates that approximately 184,000 businesses would be affected. A spokesperson for Mayor-elect Eric Adams, who is due to take office on January 1, 2022, just days after the mandate is set to take effect, has indicated that the mayor-elect will evaluate the mandate when he takes office and will “make determinations based on science, efficacy and the advice of health professionals.”

Key to NYC Expanded

Under the existing Key to NYC program, staff and patrons who enter certain types of indoor entertainment, recreation, dining, and fitness establishments are required to have received at least one dose of a COVID-19 vaccine. Previously, children under the age of 12, along with certain other individuals were exempt from showing proof of vaccination.

Beginning on December 14, 2021, children ages 5-11 will be required to show proof of at least one dose of the COVID-19 vaccine in order to enter the covered establishments mentioned above. While individuals were previously only required to show proof of one dose of the vaccine, beginning on December 27, individuals in New York City over the age of 12 will now be required to show proof of two doses of the vaccine.

High-Risk Extracurricular Activities

The mayor also announced that vaccinations would be required for children ages 5-11 if they wish to participate in “high-risk extracurricular activities.” These activities are currently defined as “sports, band, orchestra, and dance.” Children in this age group will be required to have the initial vaccine dose by December 14, 2021.

Key Takeaways

Employers in New York City may wish to review the above requirements to ensure that their practices comply with the obligations articulated in the anticipated mandates. Employers may also want to stay updated as the Key to NYC and the private-sector vaccine mandate continues to evolve.

Article By Kelly M. Cardin and Jessica R. Schild of Ogletree, Deakins, Nash, Smoak & Stewart, P.C.

For more labor and employment legal news, click here to visit the National Law Review.

© 2021, Ogletree, Deakins, Nash, Smoak & Stewart, P.C., All Rights Reserved.

2021 Guide: The Importance of Online Reviews for Law Firms

Welcome to 2021 — where our buying decisions are ruled by stars. Where we value a five-star review as much as we would a personal recommendation from an old friend, and anything less than 3 stars isn’t worth a second thought. Like it or not, here we are in the consumer-driven age of online reviews.

When looking into a product or service, nine times out of ten we do an online search first. Whatever the search results fetch for us, we click through. We read reviews, we count the number of stars, and 90% of us base our buying decision on what the reviews say.

In fact, 72% of consumers trust online reviews as much as they would a recommendation from a personal friend. It goes without saying that online reviews can be an incredibly valuable tool for your law firm. Beyond the psychological impact that they have on consumers buying decisions, it can also help boost your local SEO rankings so that your law firm shows up first when people are looking for a lawyer in their area.

However, many lawyers may be hesitant to ask their clients for online reviews, since they assume one bad review can taint their online reputation. Out of fear of straying from the particular image they hope to convey online, they prefer to have no reviews at all.

What a mistake this is.

You can think of your online reputation like a credit score. No established credit is the same as bad credit. No review is the same thing as a bad review. Whether it’s for a burrito or a lawyer, consumers want to see online reviews.

Prospective clients want reassurance about a lawyer, so they are looking for law firm reviews before making their decision.

A Google Business Profile Is Key

A recent survey asked legal consumers what their steps were after searching for a lawyer on Google. Almost 30% replied that they would google lawyer reviews and read the reviews on a business’s Google profile while just under 20% said that they would read a review on another website. This goes to show that Google is one of the most important places where you should have online reviews for your law firm.

Although there are many different review websites that people go to to make their buying decisions, Google should be lawyers’ primary concern. Setting up a business profile on Google is totally free, and it can be a fantastic tool for generating leads.

How Google Reviews Benefit Your Law Firm

Increased Online Visibility

Google tracks your law firm’s ratings and will boost your visibility based on how many ratings you have. If you can manage to get enough ratings, you can push your law firm to the top of Google search results which lists the first three businesses in the area that match a user’s search query. This is known as Google local pack, and they come directly from the Google My Business directory. Again, another reason that your law firm should have a Google business profile.

People Trust Google

A good review on Google has the potential to sway even the most skeptical of customers. 74% of consumers say that a positive review on Google makes them more inclined to trust a business. Simply put, people look to Google as their one-stop internet concierge to show them what’s hot and what’s not.

Google Customer Interaction = More Leads

Google bases your search ranking on how much you interact with your user reviews. So, before you think that you only have to respond to bad reviews, don’t forget that you should also be responding to the good ones. Google is paying attention and recognizes active responses.

Get into the habit of visiting your Google business profile every day and responding to every single review. Apologize when it’s necessary and say thank you when it’s called for. Think of your Google profile as a garden — you have to sprinkle it every day with customer interaction for it to blossom into a lead magnet.

Increased Click-Through Rates

When people visit your business profile and see a high rating, they will naturally gravitate towards your website. Consequently, you’ll improve your click through rate giving you an opportunity to reach your target audience even more.

Why Online Reviews of all Kinds Are Important

Although Google is ideally where most of your online reviews should be, that’s not to say that other review sites aren’t beneficial. Whether your clients review you on Google or Yelp, here is why online reviews are important for your business.

Social Proof

People are more likely to choose a lawyer if they can find a review telling them that it’s a good purchase decision. Social proof has a huge impact on sales and can be the driving decision between choosing your law firm or a competing one. If a lead sees your law firm listed as a five-star review, they’re going to believe that it’s worth the hype. The more feedback you can generate from prior clients, the more that you will encourage others to work with you too.

Increased Visibility

Regardless of what review website you’re on, each site has its own way of indexing content. The more customer reviews that you have the more that the website will push your business to the top. Algorithms favor your website as the authority when you have a high amount of great reviews, therefore giving your law firm more visibility.

Trust

One of the most important things that people look for in a lawyer is trust. People are looking for someone to handle their matter who they know they can count on to do it right. Each time you get a great review, you’re increasing your credibility, making you look that much more trustworthy. If your law firm has plenty of reviews claiming how great you are, then it’s going to significantly increase people’s trust in you that you’re the right person for their case.

Brand Reach

Encouraging your clients to leave you a review will increase conversation about your law firm. If customers are talking about you online, then you’ll boost your online presence, and ultimately your ranking. So, encourage your customers to share their happy experiences on as many different review sites as possible, increasing your brand’s footprint on multiple channels.

Dealbreaker

There are many customers out there who won’t purchase a service or product from a brand they don’t have any information on. Just about 2/3 of consumers make their final decision based on online reviews. So, for those consumers who need to see online reviews before they make their final decision, you need to make sure that your law firm shows up first by producing a steady stream of online reviews.

Increased Sales

There is a great deal of data out there that proves that online reviews significantly impact your bottom line. According to a Harvard study, increasing your star rating will lead to a boost of 5 to 9% sales, which clearly demonstrates that even a small improvement in your rating can have a pretty big impact on your revenue.

Reinforces Client Relationships

A lot of law firms make the mistake of assuming that you only have to respond to negative reviews, which simply isn’t true. Reviews are a wonderful way to strengthen your relationships with customers by responding to both positive and negative feedback. Reviews give you an opportunity to reinforce positive experiences by giving thanks and providing an open line to your previous clients while recognizing where you have room to grow.

Giving personalized replies to comments means that you’re giving your law firm a human face. When you have an open-to-feedback demeanor, it’s attractive to potential clients. A friendly online attitude in response to positive and negative reviews can work wonders for your reputation.

Encourages Growth

Any smart business knows that there’s always an opportunity to grow and improve. Observing your customers’ positive and negative experiences online can give you better insight as to what your clients truly want. If you get one or two reviews mentioning a specific problem, then it’s probably not that big of an issue. However, if you notice the same issues coming up several times in a row, then you know that it’s clearly an indication that you need to make a change.

By using your customers’ experience as insight, you can make improvements where necessary, and use each review as a stepping stone towards becoming the best you can be.

Tips For Handling Critique

One of the most common reasons why lawyers are hesitant to encourage online reviews is they don’t want negative critique floating around online potentially tarnishing their reputation. And while your first instinct when you see a negative review of your law firm, may be “Take it down! Sue for defamation!” that’s not always the best solution. A review that contains outright false information may be considered defamation, but is it really worth a legal battle?

So, when you get a negative review, take a deep breath and try the following.

Respond Professionally

Nothing looks more unprofessional than seeing a business come down on a negative online review with an aggressive and self-defensive response. Or worse, not responding at all. Instead, it helps to respond professionally and calmly, encouraging the unhappy client to contact you directly, shifting the dialogue away from the public eye.

When responding, always make sure that you apologize appropriately if needed, and make it clear that your number one goal is finding a resolution. Above all, always make sure that a client’s case is kept confidential. If your law firm fails to respect confidentiality in its response, it could lead to bigger issues than your online reputation.

Encourage More Positive Reviews

Since you can’t take negative comments down, the next best thing you can do is drown them out! After responding professionally to a negative review, wash it out by turning it into a small piece of a greater whole. The way that you do this is by encouraging more and more reviews.

If the majority of your online reviews are saying that your law firm is fantastic, and there are only one or two negative reviews, then they’ll usually be ignored. So, don’t be afraid to ask for reviews from your happy clients to water down the negative ones.

It’s as simple as asking your client at the end of their case by sending an email. If they had a positive experience, chances are that they’ll be thrilled to leave you one or several positive reviews online. It doesn’t take much convincing for a happy client to spread the word about their great experience.

You may even want to consider adding a review landing page on your website to provide an easy way for clients to review you.

However, it’s important to note that certain review sites like Yelp publicly state that businesses should not directly ask clients to post reviews. So, always make sure that you’re familiar with the legalities before asking a client to review you on a certain site.

Online Reviews: A Critical Part of Clients Decision Making Process

As we near 2022, we see more than ever why online reviews are important for law firms. Reviews will continue to play an important role for clients searching for a lawyer, so it’s time to start prioritizing online reviews as a part of your law firm’s marketing strategy.

In order to build a five-star reputation for your law firm, You’ll need to give your clients a reason to leave a great review.

One of the best ways to do that is by relying on legal software to automate your processes. Automation features like drip campaigns for law firms, two-way SMS text messaging for law firms, and automated appointment scheduling give each client the impression that they’re your only client.

©2021 — Lawmatics

Article By Sarah Bottorff of Lawmatics

For more articles on legal marketing, visit the NLR Law Office Management section.

Trade Secret Implications of Facebook’s Frances Haugen’s Testimony: Do NDAs Protect Trade Secrets Against Whistleblowers?

This month, Facebook whistleblower Frances Haugen publicly revealed her identity on CBS’ 60 Minutes and testified before a Congressional subcommittee on the matter. Ms. Haugen was formerly a member of Facebook’s civic misinformation team, and in a series of reports to the Securities and Exchange Commission, she detailed Facebook’s ongoing illegal and unethical business practices. These include prioritizing profit over the safety of users, repeatedly lying to investors and amplifying the January 6th Capitol Hill attack on their platform. As a result, lawmakers have discussed potential solutions to rein Facebook in, including Section 230 reform and a new national data privacy law.

Previously, we discussed the legal implications of Ms. Haugen’s testimony for whistleblowers and employers, as well as implications for data privacy. In part three of our series, we will discuss the trade secret and intellectual property related implications of the Facebook testimony.

What are the Trade Secret Implications of Frances Haugen’s Testimony?

According to reporting from the Wall Street Journal, the confidentiality agreement Ms. Haugen signed with Facebook allowed her to disclose information to regulators, but not to share proprietary information. The company said it will not retaliate against Ms. Haugen for testifying to Congress, but has not said if it will respond to her disclosing information to the press and federal regulators. Trade Secrets as their name implies are the ‘secret sauce’ that is the result of a company’s investment in research and development and what makes them better and different.

However, in an interview with the Associated Press, Facebook’s Head of Global Policy Management Monika Bickert said Ms. Haugen “stole” documents from the company, which sheds light on how Facebook may view Ms. Haugen’s actions and may react differently down the road..

Furthermore, confidential information is not the same thing as trade secrets, with confidential information having its own protections, Davis Kuelthau Senior Attorney Michael J. Bendel explained to the National Law Review.

“From what I have seen, I don’t know if her testimony, or the documents she released, rise to the level of being trade secrets under the relevant law,” he said. “The information is likely confidential information, and that can create its own grounds for protection and breach, such as a breach of a fiduciary duty she may owe to Facebook, but to be a trade secret takes more than simply being confidential information.”

Do Non-Disclosure Agreements (NDAs) Protect Companies’ Trade Secrets?

Mr. Bendel said two laws in particular could be significant in determining if the information would be considered a trade secret and the implications of the sharing the information, including the California Uniform Trade Secret Act (CUTSA) and the Federal Defend Trade Secrets Act (DTSA). Both laws could be used by Facebook against Ms. Haugen, since Facebook is headquartered in California.

Definition of a Trade Secret and How Does it Interact with the CUSTA and DTSA

“Even after the Frances Haugen situation, I predict all the usual trade secret protections will still be available. The basic definition of a trade secret is: information not generally known to the public that gives economic benefit to its owner and reasonable efforts are made by the owner to maintain its secrecy,” he said. “We would have to look at the particular CUTSA and DTSA requirements to determine how a particular business goes about creating a trade secret in its location, and then what happens to cause an improper disclosure of that trade secret where it occurs, and then what remedies are available to such a company to prevent that or seek damages and try to be made whole from such an improper disclosure.”

NDAs do protect companies’ trade secrets, but laws like the DTSA include whistleblower immunity as a safe harbor to encourage employees to disclose information that may be a trade secret and evidence of a violation of law by the company, Mr. Bendel said.

“An employee takes a risk that the trade secret information is in fact such evidence of a violation (or likely to lead to such evidence) to qualify for the immunity.  Differently, the CUTSA does not provide such whistleblower immunity,” he said. “As another example, the DTSA expressly allows an aggrieved company to seek, without any notice to the defendant, a court order to seize property to help prevent further damage to the trade secret. Differently, the CUTSA does not have the same such remedy.”

However, for companies to take advantage of its remedies under the DTSA when a case like Ms. Haugen’s arises, they need to include safe harbor language in employee contracts specifically mentioning that the company promises not to hold individuals liable under federal or state trade secret laws for the disclosure of trade secrets to an attorney, or a federal, state or local government official, directly or indirectly, for the purpose of reporting or investigating a suspected violation of law. Additionally, the law does not allow employees to disclose trade secrets to private entities like newspapers and social media networks.

“So, in the Frances Haugen case where she shared information with The Wall Street Journal, that appears to create a clear issue for her under available trade secret law, if trade secrets were taken from Facebook, as we know that information has been disclosed without Facebook consent,” Mr. Bendel said.

Conclusion:  Is Your Company’s NDA Protecting Your Trade Secrets?

How effective a company’s NDA is in protecting trade secrets depends on how the agreement is drafted. Despite Facebook saying it won’t retaliate against Frances Haugen for testifying to Congress, it’s possible they may decide to press charges against her for talking to the press about their internal documents.

Even if Facebook decides to go down that route, whistleblower attorneys told the National Law Review that Ms. Haugen’s testimony may open the door for more whistleblowers to come forward with similar allegations against other tech companies. Additionally, even if a company can take action against an employee for disclosing trade secrets, they should not use NDAs to cover up evidence of wrongdoing.

“This position has some extensive basis in the law of public policy that prevents private actors from using their private business activities, and even such a thing as a trade secret, from being used to violate the law,” Mr. Bendel said. “This is similar rationale as the ‘safe harbor’ approach, but grounded in the fact that we do not want to enable people to hide behind certain tools like non disclosure agreements and trade secret protection, if the people/company is using these tools to hide activities that break the law.”

Read the first part in our series on Frances Haugen’s Facebook whistleblower testimony here.

Read more on the privacy implications of Frances Haugen’s Facebook whistleblower testimony here.

Copyright ©2021 National Law Forum, LLC

Article By Rachel Popa and Chandler Ford of The National Law Review / The National Law Forum LLC

For more articles on Facebook, visit the NLR Communications, Media & Internet section.

Legal Marketing in the Post COVID-19 Work Environment with Jaffe PR [PODCAST]

In this inaugural episode of the Legal News Reach podcast, Rachel and Jessica discuss marketing in the post-COVID work environment with Melanie Trudeau, Director of New Business & Digital Strategies with Jaffe PR.