The Texas Supreme Court agreed to determine whether a school teacher’s allegations of a hostile work environment by her same-sex superiors can support a claim of gender discrimination in violation of the Texas Commission on Human Rights Act (TCHRA). The court will also decide whether the circumstantial evidence presented to prove the teacher’s retaliation claim is sufficient to support a violation of the TCHRA.
The teacher alleged that a fellow coach began to sexually harass by allegedly making comments about the teacher’s body and physical appearance. When the teacher reported the harassment to her direct supervisor, the supervisor did nothing to put a stop to it and, shockingly, joined in the harassment. The teacher subsequently reported the harassment to the school principal and submitted a written complaint. The principal failed to file a formal complaint and, rather, conducted her own investigation. The principal’s underwhelming reaction pushed the school teacher to file charges of discrimination and harassment with the EEOC, at which point the principal informed her that there would be “consequences” for her complaints.
The teacher quickly found that there would, in fact, be consequences to her complaints. Within a few days of learning of the EEOC charges, the principal placed the teacher on a remedial plan and claimed it was necessary to assist in the teacher’s ineffective communication with co-workers and failure to report the alleged harassment within 10 days of its occurrence. The principal placed the teacher on administrative leave soon thereafter and eventually terminated her employment.
The school’s petition to the Texas Supreme Court asked it to determine whether the teacher’s allegations of same-sex hostile work environment—woman to woman harassment, in this case—can constitute gender-based discrimination under the TCHRA. The school argued in its petition that the appeals court failed to consider a U.S. Supreme Court standard that requires harassment to be “discriminatory at its core” in order to be actionable. The school also asked the court to determine whether the teacher’s circumstantial evidence used to support her retaliation claim was sufficient to support a TCHRA violation, giving special consideration to the teacher’s failure to submit any evidence regarding the but-for causation analysis required in such cases. The case will likely be placed on the court’s calendar in late 2017. Click here to view full briefing on the issue.
© 2017 BARNES & THORNBURG LLP
On March 2, 2017, Congressman Bob Goodlatte (R-VA) reintroduced the Renewable Fuel Standard (RFS) Reform Act, which aims to guide the debate and reform of the ethanol mandate. According to Goodlatte, the RFS program failed to lower prices at the pump and resulted in unintended and profound effects on consumers, energy producers, livestock producers, retailers, and the environment. The RFS Reform Act, which had 42 bipartisan cosponsors, would eliminate corn-based ethanol requirements, place a ten percent cap on the amount of ethanol that can be blended into conventional gasoline, require EPA to set cellulosic biofuels targets at levels produced by the industry, and decrease the total volume of renewable fuel content in gasoline sold or introduced into commerce from 2017 through 2022.
©2017 Bergeson & Campbell, P.C.
Technology is both a threat and an opportunity for law firms. On one end, technology has opened the door for market disruptors like LegalZoom and Rocketlawyer who provide some legal services faster and cheaper than law firms. Some of the low-hanging fruit that law firms and attorneys used to be able to count on is disappearing–or long gone. In a recent research study by Altman Weil, 21% of law firms surveyed said technology was a threat right now, and 53% of firms described technology as a future threat. But in many ways, technology is an opportunity for law firms. The proper technology can help law firms be better and faster, and it can provide law firms with the ability to provide clients with helpful information and analysis much faster than ever before. In our final installment of Re-Envisioning the Law Firm: How to Lead Change and Thrive in the Future, the survey from MPF Insight, the National Law Review will offer an overview of the recommendations surrounding technology in law firms offered in the survey.
Robert A. Young Former Chair, ABA Law Practice Division:
Technology has been increasingly important for today’s law firm with many experts predicting that it will soon surpass rent as your firm’s #2 expense after salaries. The time has come for managing partners to take a stronger and more proactive role in learning more about this vitally important area.
Having a plan for how technology fits in with your firm’s practice is a crucial part of any leadership strategy. Additionally, having an effective and robust cybersecurity policy in place is essential in today’s data-driven world.
Law Firms are investing more in technology. In 2016, firms surveyed increased law firms increased investment in the following areas by the following percentages:
- Cybersecurity, 23% of respondents increased investment
- Website, Internet & Digital marketing, 20% of respondents increased investment
- Case Management Software, 12% of respondents increased investment
- CRM & Database, 10% of respondents increased investment
- Competitive Intelligence, 5% of respondents increased investment
- Legal Research, 2% of respondents increased investment
For obvious reasons, Cybersecurity is the top area for new investment with law firms. In fact, a Chase Cost Management survey report released in 2015 showed that AMLaw 200 firms spend an average of $8,000 per full-time equivalent on information security. As a major concern for law firms and their clients it is imperative that firms have all employees trained and all client data safely secured. Having cybersecurity as a living breathing part of your technology plan can help you reap the benefits of technology safely, and your firm and your clients will benefit. However, good cybersecurity isn’t simply changing your password every six weeks; it is a vital skill set that must be understood from the top down.
Sharon Nelson, president of a digital forensics, information technology and information security firm says:
If your management mindset isn’t there, you are stuck in technological obsolescence. Good cybersecurity is good risk management, and better yet, a marketing tool to use with clients. Don’t just delegate this, that does not work. Learn it yourself, as much as you can-and lead by being knowledgeable–that’s how you ensure the future of your firm.
Website, Internet and Digital marketing is another area of growth in terms of law firm investment. Digital marketing tools can help a firm better target their marketing activities. Re-envisioning says, “The reach is as big or as small as you want it to be and the subject matter can be much more focused, speaking directly to industries and communities through email and social media channels.” By using the technology and data-gathering tools available, law firms can maximize their digital footprint and reach many more potential clients.
A final recommendation from the survey, “Don’t be held hostage by your technology vendors.” By embracing open-sourced Customer Management services and web development platforms, your firm can create a product that works seamlessly into your processes. The time and effort put in up front will pay off with the flexibility available in the end.
Technology is not going away, and the negative elements of technology are already happening. In order to enjoy the benefits technology has to offer, Law firm leadership needs to find the ways that technology can benefit their firms, their attorneys, and their clients.
This is the sixth article in this series. Please find the earlier articles below:
On March 10, 2017, the U.S. Department of Interior’s Bureau of Ocean Energy Management (BOEM) posted four unsolicited applications for wind project leases on the Outer Continental Shelf. PNE Wind U.S.A., Inc. has filed three lease applications, two for offshore Massachusetts and one for offshore New York. Separately, Statoil Wind US LLC filed a lease application for offshore Massachusetts.
The developers’ lease requests, particularly the overlapping requests for offshore Massachusetts, indicate continued interest and growing competition in the U.S. offshore wind sector. The quickening pace of activity in the U.S. offshore wind market, including completion of Deepwater Wind’s Block Island offshore wind farm and today’s auction process for offshore North Carolina, suggests that offshore wind projects may become a more important part of the U.S. power generation portfolio in the coming years. In addition, the unsolicited application for offshore New York and the federal government’s response may provide an early indication as to the Trump Administration’s position on offshore wind development going forward. Increased activity and a new administration in the White House present opportunities to engage on this issue and shape the policies that will govern the federal offshore leasing program for the next four or eight years, or beyond.
BOEM is charged with managing energy development on the U.S. Outer Continental Shelf (OCS), for both traditional energy resources and renewable energy projects alike. The agency discharges this responsibility for renewable energy projects via its leasing process outlined in the Code of Federal Relations at 30 C.F.R. Part 585. BOEM’s rules set out a comprehensive site evaluation, lease auction, project management, and decommissioning program for renewable energy projects on the OCS.
To date, BOEM has completed twelve offshore wind commercial leases and one research lease. BOEM has issued commercial leases to four lessees for offshore Massachusetts: Cape Wind, Bay State Wind, Offshore MW, and Deepwater Wind New England (joint lease offshore Massachusetts and Rhode Island). Separately, BOEM has concluded a provisional lease with Statoil Wind for a site offshore New York. The Massachusetts auction in January 2015, lasted two rounds and the New York auction in December 2016, lasted 33 rounds, suggesting growing interest and competition for lease blocks on the eastern seaboard.
Unsolicited Lease Applications
Following these competitive lease auctions, both Statoil Wind and PNE Wind submitted unsolicited applications to lease OCS lands offshore Massachusetts for wind power projects. In addition, PNE Wind also filed an application for a potential lease area offshore New York.
For the offshore Massachusetts lease proposals, BOEM has stated that it will proceed with the competitive leasing process outlined in the agency’s regulations. BOEM notes that because both Statoil Wind and PNE Wind are qualified to hold an OCS lease and both companies nominated the same area for lease, BOEM has determined that there is competitive interest for this OCS land. BOEM’s next steps will be to publish its leasing process in the Federal Register, including identifying the lease areas for environmental analysis, issuing a Proposed Sale Notice with a 60-day public comment period, and a Final Sale Notice at least 30 days before the lease sale.
In contrast, BOEM states that it will consider whether to move forward with PNE Wind’s application for offshore New York. If the agency determines that it will move forward with PNE Wind’s application, BOEM will issue a public notice to determine whether there is competitive interest in the proposed lease area. BOEM’s regulations allow the agency discretion to review unsolicited lease applications on a case-by-case basis. The rules do not require that the agency formally evaluate the application. BOEM may exercise its discretion to grant an unsolicited application following issuance of a Determination of No Competitive Interest and additional inter-agency coordination.
The key takeaway from these filings is that, as a new presidential administration assumes control over the Interior Department and BOEM, interest in U.S. OCS leasing for wind energy projects remains strong despite relatively low fuel prices for hydrocarbon-based power generation. These lease applications suggest that the suite of subsidies and other incentives supporting offshore wind development at federal and state levels, including in Massachusetts and New York, continue to encourage developers to think creatively as to how they can access this growing market.
In addition, PNE Wind’s unsolicited application for offshore New York offers an early opportunity to gauge the Trump Administration’s support for offshore wind projects. Given U.S. President Donald Trump’s past skepticism regarding offshore wind, industry players are unsure of the Trump Administration’s support for offshore wind development, notwithstanding Secretary of the Interior Ryan Zinke’s endorsement of an “all of the above” energy strategy during his confirmation hearing. BOEM’s response to the unsolicited lease application may illustrate the Trump Administration’s level of support for offshore wind.
The next indicator for the strength of the U.S. offshore wind market will come from today’s OCS auction for offshore North Carolina. Following a lease auction in New York that attracted a winning bid of more than $42 million, industry watchers will closely monitor the outcome of the North Carolina auction to determine whether the sector will maintain its rapid growth. Recognizing that the specific characteristics for the North Carolina proposed lease and auction will differ from those in the New York auction, the strong showing of interest in the North Carolina auction, as demonstrated by the nine companies qualified to participate in the auction, may keep momentum building for the offshore wind sector in the United States.
 BOEM Lease Areas Shapefile, https://www.boem.gov/BOEM-Lease-Areas-Metadata/ (last visited Mar. 15, 2017).
 In denying a preliminary injunction, the U.S. District Court for the District of Columbia recently held that BOEM complied with the National Environmental Policy Act when it relied on an environmental assessment and finding of no significant impact (“EA/FONSI”) to issue Statoil Wind’s provisional lease for offshore New York. Fisheries Survival Fund, et al. v. Jewell, et al., Case No. 16-cv-2409 (D.D.C. Feb. 17, 2017). This decision clears one potential obstacle for Statoil and helps reduce the risk of similar challenges to BOEM’s determinations to approve leases that allow project evaluation and design to move forward. Responses on the merits to the challengers’ claims are due by May 8, 2017.
March Madness has arrived! The 2017 NCAA Basketball Tournaments tip-off tonight (March 15) and continue through the Women’s and Men’s National Championship Games on April 2 and 3 respectively. With this, comes the American tradition of companies and their employees betting on tournament outcomes through office bracket pools.
As lawyers, we have to point out that your company’s March Madness pool is very likely illegal under at least three federal gambling laws (the Professional and Amateur Sports Protection Act, the Interstate Wire Act of 1961, and the Uniform Internet Gambling Enforcement Act) and many state laws. And we would be remiss to not mention that there is a parade of horribles that could happen from permitting such workplace wagering.
With that said, the more practical reality is that office pools have become a widely-practiced and culturally accepted form of gambling, law enforcement authorities seem to have little interest in enforcing laws that technically prohibit them, and many employers view these office pools as a workplace morale booster.
For those employers – seemingly, most all of them – who will not shut down this popular practice, here are some best practices to help mitigate legal issues when sponsoring or allowing office pools:
Make sure that all entry fees are distributed solely to the winner or winners of the pool. An employer, or employees organizing a pool, should never take a “cut” of entry fees. Under various anti-gambling laws, profiting from the pool in this way raises a host of issues.
Limit pools to offices within a particular state. Doing so may prevent the pool from violating federal laws, as they generally require the transmission of money or communications across state lines to be applicable.
Make participation completely voluntary and limit entry fees to nominal amounts. Expensive or compelled buy-ins may encourage the predilections of employees who are problem gamblers, and expensive buy-ins may tempt those employees responsible for collecting and distributing entry fees to surreptitiously take a “cut.” Compelled buy-ins could implicate wage and hour and religious anti-discrimination laws. Following these guidelines helps ensure that an office pool is low-stakes and simply intended to promote friendly rivalry.
Do not retaliate against or single-out employees who may complain to the pools. There are plaintiff’s lawyers out there who will try to tether an internal complaint of unlawful activity to later adverse action against the complainer.
Prohibit employees from gambling in other pools on company time or through company equipment. Apart from a workplace pool, employees may choose to participate in other pools with non-employees, and there are many options to do so online (including through company-issued or owned computers). These other pools can raise additional concerns about potential violations of the law, to the extent they involve large wagers, are structured to profit the organizer, or involve interstate communications. Consequently, for reasons of both legality and ensuring employee productivity, employers are best served by a policy that prohibits employee gambling in other pools on company time or company equipment.
Consider sponsoring a free pool that provides a non-monetary award. Although employees may not find it as interesting, an employer concerned about the legality of its office pool may consider sponsoring a pool that is free to enter, with a non-monetary award (a gift card or some other prize) for the winners. The lack of an exchange of money in such a pool may avoid the reach of potentially applicable anti-gambling laws.
Putting legality aside, it is well-established that employee productivity takes a hit during March Madness, particularly since it is now possible to watch games online through work computers or personal mobile devices, and permitting an office pool could encourage distraction.
To accommodate employee interest in the tournaments while reducing productivity loss employers should consider airing the games in a breakroom or lunchroom. At the same time, add sports broadcasts and websites to blocked sites on company systems that monitor and limit Internet use on company-owned computers, systems and devices (certainly, gambling and unlawful activity websites should be blocked year-round). And if productivity becomes a problem, communicate policies addressing these concerns to employees, including policies restricting viewing to non-break times or reminding employees (including those tempted to duck out early to catch a game) of applicable attendance and punctuality policies.
As March Madness begins, we wish you the home court advantage.
©2017 Drinker Biddle & Reath LLP. All Rights Reserved
We planned to write a blog about the revised travel ban Executive Order as soon as it came out. That the revised order was delayed for several weeks until March 6 highlights the uncertainty we face in 2017. Below we try to answer various questions we regularly receive about immigration issues.
Is domestic airplane travel OK? This may sound like a simple question, but recent events suggest more caution may be wise. For example, Immigration and Customs Enforcement (ICE) agents recently met a plane landing at JFK Airport in New York City, and asked everyone about their immigration status. The agents were looking for someone who had an old deportation order, but it is possible that anyone without evidence of status could have faced delays. This is a good time to remind ourselves that the law requires anyone who is not a U.S. citizen to carry evidence of status at all times (green card, Employment Authorization Document (EAD), Form I-94 or electronic I-94 printout, valid, unexpired nonimmigrant DHS admission or parole stamp in a foreign passport, etc.). Try to make it easy for a government officer.
Isn’t that overreacting based on one incident? Maybe, but the bigger picture is that immigration enforcement agents have more discretion and wider operating room than before. Two memos issued by the Department of Homeland Security (DHS) on February 20 allow for “expedited removal,” which is a fast track process that skips a hearing with an immigration judge. Expedited removal now can apply to anyone who entered the country within the past 2 years (used to be 2 weeks), and anywhere in the United States (used to be within 100 miles of the border). Expedited removal happens quickly, sometimes within a matter of days. Having a copy of a document showing status and that you have been in the United States more than two years could help avoid questioning and expedited removal.
How about electronic devices? Can those be searched at the airport or border? The simple answer is “yes,” and this is happening more often. We recommend that private information, such as a doctor with patient information, should be encrypted. According to the Customs and Border Protection (CBP) website, CBP officers may search laptops, cell phones, or other electronic devices. CBP may not select someone for a personal search or secondary inspection based on religion, race, national origin, gender, ethnicity, or political beliefs. U.S. citizens may also be questioned and have their devices seized for refusal to provide passwords or unlock devices, but cannot be prevented from entering the United States. Noncitizens may, however, be denied entry. Adding to the uncertainty about how this will play out is a section in one of the January Executive Orders that directs federal government agencies to make sure they “exclude persons who are not United States citizens or lawful permanent residents” from Privacy Act protections concerning personal information.
What does this mean for people from the six countries covered by the new travel ban? Will the court battle still continue? The new order clarifies that green card holders and Iraqis are NOT affected by the visa ban, and that people who had visas revoked or cancelled by the first order may be able to get a travel letter to return. The new order takes effect March 16, 2017, and lasts for 90 days. People with valid visas stamps in their passports can still use them, but new visa stamps will not be issued with very limited discretionary exceptions. The Visa Interview Waiver program is suspended for all countries, and the order states that DHS may add countries to the list after further review. People who are citizens of the six countries can still face additional questioning when they enter the United States as part of a general pattern of enhanced vetting. Travel for citizens of the six countries remains a calculated risk.
We expect that court challenges will continue. The ban still focuses on six predominently Muslim countries, which some see as a religious-based action. There are still arguments about the negative effects on U.S. business and academic programs.
What does this all mean for DACA recipients? The January Executive Orders state that the deferred action for childhood arrivals (DACA) program remains in effect, but that DACA “will be addressed in future guidance.” This is good news for the 750,000 plus people who have DACA. However, continuation of the program is not guaranteed. And the January Executive Orders call for greater enforcement against anyone with any kind of criminal issue or with a previous deportation order. Some DACA recipients have minor criminal issues – will they be able to renew? Some recipients have previous deportation orders – how will they be treated? DACA recipients should carry their DACA approval and work card with them, should keep investigating ways to get back into status, and talk to an attorney or legal service agency if they have ANY criminal issue, no matter how minor.
What does this mean for undocumented parents of students who want to fly within the United States for their child’s graduation? Some of them have traveled before with no problems. President Obama’s “Priorities Memo” used the idea of prosecutorial discretion to give some level of comfort to those at the bottom of the priority list for enforcement. The new orders make clear that there is a top of the list, but no bottom. The law is the law, and anyone undocumented who is caught could be removed. Anyone who is undocumented who is considering traveling should talk to an attorney or legal service agency to evaluate their own particular situation. For example, immigrationlawhelp.org has a list of accredited agencies. Also, this is not a completely new situation. Every year we see family members abroad who do not receive tourist visas to come to the United States. For those situations, some schools have set up a Skype feed of the ceremony through someone’s cell phone, or sent the family a photo of the student graduating, or other clever ways of trying to include the family in the event.
Speaking of DACA, can many of them really move beyond DACA now? It is certainly worth asking. Many filed for DACA on their own, and have never had a legal consultation despite the fact that their immigration histories can be incredibly complicated. Most interestingly, a growing number of DACA recipients got DACA under age 18½ and now have degrees. Those people MAY (emphasize “may”) not have what is called “unlawful presence,” and MAY be able to consular process an employment based visa or green card.
Going beyond travel, are there any other ways campuses can prepare for new immigration enforcement priorities, short of declaring a “sanctuary campus”? Yes, there are some basic steps that campuses can take. One set of model guidelines focuses on interaction with government officials. Campus response has varied but generally been strong in favor of international education and diversity. A Washington Post article found that the vast majority of schools have made some kind of statement. Some schools have been concerned about the political effects of opposing the travel bans. They worry that if they declare themselves immigration sanctuaries they may put a target on their backs. While some schools may be less vocal in their responses, most are supporting students and scholars who are concerned, and connecting students with extra services including counseling and legal services.
If I feel my school is not doing enough, what can I do? In immigration, stories matter. For example, an Iranian graduate student may be thinking of leaving the United States to do a post doc in another country, or cannot travel to present work at a conference abroad, or is simply not sleeping or eating well out of concern, or have a spouse is not still able to enter the United States. These stories help show the real impact of the travel ban. And facts matters – there are some good articles and websites that provide data on the basis of the travel ban and the effects, and also on the positive impact of immigrants on our economy.
I heard the Executive Orders canceled all of President Obama’s orders except for DACA. Does that include the “sensitive locations” memo that said enforcement should not take place at sensitive locations such as campuses, churches, and hospitals? It appears that the ban on enforcement at sensitive locations survives. This policy is still on the ICE website, and in a DHS Q&A. We hope this will continue.
Is it true that the Administration and Congress plan to cut back F-1 STEM OPT and the H-1B program, and raise the minimum salaries for H-1B workers? A lot of ideas and draft memos are floating around Washington how to “fix” immigration, including the H-1B system. Bills pending in Congress would amend the H-1B process. The White House may ask DHS to conduct a study of the visa process to determine which visa regulations may or may not be in the national interest, and to make recommendations on how to improve visa systems, including the H-1B system. Are we sure that nothing like this will happen quickly, surprising us the way the travel ban did? Not sure, but passing legislation in Congress and amending federal regulations are normally long-term projects. Remember, the Obama administration was successfully sued for trying to make big changes without formal procedures.
That’s 11 questions – anything else I should know? We all need to remember the energy it takes to operate in uncertainty. In a recent presentation at a university, the director of the counseling center explained that uncertainty can be more tiring and emotionally challenging than bad news. At least with bad news, we can focus attention on how to address it. So hang in there!
 The new executive order is at https://www.whitehouse.gov/the-press-office/2017/03/06/executive-order-protecting-nation-foreign-terrorist-entry-united-states (Mar. 6, 2017).
 INA § 264(e) provides: “Every alien, eighteen years of age and over, shall at all times carry with him and have in his personal possession any certificate of alien registration or alien registration receipt card issued to him pursuant to subsection (d). Any alien who fails to comply with the provisions of this subsection shall be guilty of a misdemeanor and shall upon conviction for each offense be fined not to exceed $100 or be imprisoned not more than thirty days, or both.” 8 C.F.R. § 264.1(b) lists the acceptable types of “registration” document that must be carried.
 The DHS memos and accompanying fact sheets and Q&As are at https://www.dhs.gov/executive-orders-protecting-homeland.
 For an article discussing whether expedited removal is constitutional, see David Savage, Trump’s fast-track deportations face legal hurdle: Do unauthorized immigrants have a right to a hearing before a judge?, Mar. 3, 2017, http://www.latimes.com/politics/la-na-pol-deport-legal-20170302-story.html.
 For general information on the rights of travelers regarding social media accounts and electronic devices, see https://www.aclu.org/know-your-rights/what-do-when-encountering-law-enforcement-airports-and-other-ports-entry-us. For an interesting NPR piece on this issue, see http://www.wbur.org/hereandnow/2017/02/16/border-agent-unlock-phone.
 https://www.washingtonpost.com/graphics/national/visas-impact/; https://www.bloomberg.com/news/articles/2017-01-31/trump-s-immigration-ban-could-cost-u-s-colleges-700-million; immigrationimpact.org.
How Does Supreme Court’s Remand of Transgender Discrimination Case Impact Wage-and-Hour Class Actions?
On March 6, 2017, the Supreme Court, in a one-sentence summary disposition, remanded the case of Gloucester County Sch. Bd. v. G.G. to the U.S. Court of Appeals for the Fourth Circuit “for further consideration in light of the guidance document issued by the Department of Education and Department of Justice on February 22, 2017.” For those unfamiliar with Gloucester County, the case involves a public school’s obligations to a transgender student under Title IX and, in particular, whether Title IX’s prohibition against sex discrimination requires a school to treat transgender students consistent with their gender identity when providing sex-separated facilities, such as toilets, locker rooms, and showers.
So what does this have to do with wage-and-hour class actions? As it turns out, in Gloucester County, the Supreme Court was poised to consider the scope, and perhaps the continuing viability, of the Auer doctrine, which frequently comes into play in wage-and-hour litigation. Under the Auer doctrine, courts generally will enforce an agency’s interpretation of its own regulations unless that interpretation is “plainly erroneous or inconsistent with the regulation.” In wage-and-hour class actions, this often results in cases being decided based on guidance issued by the Department of Labor through opinion letters, its Field Operations Handbook, and other sources.
This deference to the Department of Labor can be frustrating for employers and attorneys practicing wage-and-hour law because the guidance issued by the Department of Labor often changes with each new Presidential administration. For example, an entire industry can decide to classify a group of employees as exempt from the FLSA’s overtime requirements based on an opinion letter from the Department of Labor only to learn years later that the Department has withdrawn the opinion letter after the start of a new administration. If courts are obligated under Auer to defer to these shifting interpretations issued by the Department of Labor, it can create a great deal of uncertainty for employers seeking to comply with the FLSA and for parties litigating wage-and-hour class actions.
In the long term, eliminating or narrowing the Auer doctrine could provide more consistency for employers and litigants. With the remand of Gloucester County, that is unlikely to happen in the near future. In the short term, however, the continuing viability of the Auer doctrine may benefit employers who are hopeful that the Department of Labor, under the Trump administration, will take a more employer-friendly view of certain regulations. For now, the Department of Labor remains free to shape FLSA through opinion letters and other guidance documents and without having to resort to the time-consuming process of issuing revised regulations.
Jackson Lewis P.C. © 2017
Almost two months after signing sweeping employment law reform, Governor Ricardo Rosselló has signed Puerto Rico Act No. 16 of March 8, 2017, known as the “Puerto Rico Equal Pay Act.” Act 16 is effective immediately.
Although modeled after the federal Equal Pay Act, Act 16 goes further, limiting instances in which employers can inquire into an applicant’s salary history, among other key provisions.
Pay Discrimination Prohibition. Like the federal Equal Pay Act, Act 16 establishes a general prohibition of pay discrimination based on sex among employees in jobs that require equal skill, effort, and responsibility, and that are performed under similar working conditions, except where such payment is made pursuant to (i) a seniority system; (ii) a merit system; (iii) a system which measures earnings by quantity or quality of production; or (iv) a differential based on any other factor other than sex.
Past Salary History Inquiries Prohibited. Act 16 prohibits employers from inquiring into an applicant’s past salary history, unless the applicant volunteered such information or a salary was already negotiated with the applicant and set forth in an offer letter, in which case an employer can inquire or confirm salary history.
Pay Transparency. Act 16 forbids employers from prohibiting discussions about salaries among employees or applicants, with certain exceptions for managers or human resources personnel. It also contains an anti-retaliation provision protecting employees who disclose their own salary or discuss salaries with other employees, object to any conduct prohibited by the law, present a claim or complaint, or participate in an investigation under Act 16.
Remedies and “Self-Evaluation Mitigation.” Available remedies for victims of pay discrimination include back pay and an equal amount as a penalty. Double compensatory damages also are available as remedies. The additional back pay penalty can be waived if the employer demonstrates that, in the year prior to the presentation of a salary claim, the employer voluntarily undertook a “self-evaluation” of its compensation practices and made reasonable efforts to eliminate pay disparities based on sex. The self-evaluation or mitigating measures cannot be used as evidence of violation of the law for events that take place within six months after the self-evaluation’s completion or within one year of the self-evaluation if the employer has commenced reasonable and good faith mitigating measures. The Puerto Rico Secretary of Labor is tasked with preparing and distributing uniform guidelines for employer self-evaluations.
The Department of Labor is authorized to prepare interpretive regulations and must commence a statistical study into pay inequality among men and women. The federal EPA and its regulations will be used as reference in interpreting Act 16.
The penalty provisions of Act 16 will not be effective until March 8, 2018, to permit employers to take any mitigating measures.
Jackson Lewis P.C. © 2017
Last year’s proposed comprehensive framework for cybersecurity rules for large financial institutions is suddenly facing an uncertain future.1With the comment period having closed as of February 2017, the framework was facing criticism as unnecessary for an industry already subject to a host of federal, state, and international cybersecurity regimes. That criticism – now coupled with the Trump Administration’s general retreat from regulatory rulemaking across the board – may result in cybersecurity rules that are ultimately more limited in scope than originally envisioned, or lead to the proposed framework being abandoned altogether. In the meantime, large banks and other financial institutions must continue to comply with existing cybersecurity rules under the ever-growing scrutiny of regulators both in the United States and overseas.
I. Overview of the Proposed Framework
On October 19, 2016, three federal banking regulators – the Federal Reserve Bank (“FRB”), the Office of the Comptroller of the Currency (“OCC”), and the Federal Deposit Insurance Corporation (“FDIC”) – issued an advance notice of proposed rulemaking for new cybersecurity regulations for large financial institutions (i.e., institutions with consolidated assets of $50 billion) and critical financial infrastructure.2 The framework was intended to result in rules to address the type of serious “cyber incident or failure” that could “impact the safety and soundness” of not just the financial institution that is the victim of a cyberattack, but the soundness of the financial system and markets overall. Accordingly, the framework envisioned “enhanced standards for the largest and most interconnected entities… as well as for services that these entities receive from third parties.”3
The proposed framework broadly addresses five cybersecurity categories:
Cyber Risk Governance. This would require that institutions covered by the new rules develop – and their boards and management approve – an enterprise-wide cyber risk management strategy that articulates how it intends to address its inherent cyber risk and maintain system resilience. Among other things, a cyber strategy must (i) identify cyber risk; (ii) address mitigation strategies; (iii) establish reporting structures for cyber incidents; and (iv) provide a means of testing the effectiveness of the cyber strategy.4
Cyber Risk Management. This would require institutions covered by the new rules to adopt a “three lines of defense” risk management model for cyber risk that is often used by large corporations to manage other forms of risk, including traditional financial crime risk. The lines of the “defense” include (i) the business units, which would be tasked, as a first line of defense, with adhering to and implementing the new cyber policies, assessing risk, and reporting incidents; (ii) an independent risk management function, as a second line of defense, that would identify, measure, and monitor the effectiveness of the cyber risk controls in place and to report exceptions and incidents to senior management; and (iii) an independent audit function that would, as a third line of defense, assess whether the cyber risk management framework complies with applicable laws and regulations and is appropriate for the financial institution.5
Internal Dependency Management. This category refers to standards that are intended to ensure that financial institutions can effectively identify and manage risk associated with “internal dependencies,” such as, for example, a financial institution’s own employees, technology, and facilities. Examples of risks related to internal dependencies include those from insiders, data system failures, and problems arising from old legacy systems that were acquired through mergers. Among other things, the rules in this category would require financial institutions to maintain a current and complete list of all internal assets and business functions, including mapping the connections and information flows between those assets and functions.6
External Dependency Management. “External dependencies” refer to an entity’s relationship with “outside vendors, customers, utilities, and other external organizations and service providers that the entity depends on to deliver services, as well as the information flows and interconnections between the entity and those external parties.” Rules in this category would require financial institutions to maintain complete lists of all external dependencies, to analyze the risks associated with external relationships, and to identify and test alternative solutions in the event an external partner is compromised or otherwise fails to perform as expected. Further, the agencies propose that the standards apply directly to third-party vendors who provide financial services to banks (such as payment processors), including those vendors that provide services unrelated to banking or finance if those vendors nonetheless have trusted access to the bank’s computer systems.7
Incident Response, Cyber Resilience, and Situational Awareness. The final category is intended to ensure that financial institutions effectively plan for, respond to, and quickly recover from disruptions caused by cyber incidents – including incidents targeting their external service providers. These rules would require that institutions (i) provide for backup storage of critical records; (ii) establish contingency plans if the institution is unable to perform a service due to a cyber incident; (iii) test for cyber incidents; and (iv) identify and gather intelligence on potential threats.8
The proposed framework provides for additional, even more stringent, standards for anything deemed to be a “sector critical system,” which includes (i) systems that support the clearing or settlement of at least 5 percent of the value of transactions in certain financial markets; (ii) depository institutions that hold a “significant share” (approximately 5 percent) of the total deposits in the United States; and (iii) any system that serves as a “key node” to the financial sector.9 For “sector critical systems,” it proposes that financial institutions adopt additional rules and safeguards, including:
requiring that financial institutions minimize the cyber risk posed to “sector critical systems” by implementing the most effective, commercially-available means of protection;10 and
requiring that financial institutions establish a recovery time, validated by testing, for “sector critical systems” of 2 hours after a harmful cyber attack.11
Finally, in terms of implementing the standards proposed in the framework, the proponent agencies propose three alternatives: (i) a general regulatory requirement for covered entities to maintain an appropriate cybersecurity risk management program supplemented by policy statements that set forth minimum expectations and standards; (ii) comprehensive regulations that propose specific cyber risk management standards; or (iii) comprehensive regulations that propose specific cyber risk management standards and which contain detailed objectives and practices that firms would be required to adopt.12
II. Potential Hurdles
Recent developments call into question whether the rules prepared as a result of the proposed framework will be as strict as originally envisioned, or whether any new rules will be adopted at all.
First, although some of the comments received during the comment period welcomed the interest in this area, many were critical of the new standards. In general, the comments raised several common concerns, including the following:
New rules would, if implemented, join a host of other, already-existing mandatory state, federal, and foreign cybersecurity regulations, including those required under the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, and, most recently, the strict cybersecurity regime adopted by the New York State Department of Financial Services.13 In addition, there are a number of voluntary standards that many financial institutions already follow, such as the Cybersecurity Framework published by the National Institution of Standards and Technology (“NIST”), the Payment Card Industry Data Security Standard, and the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool.14 Few, if any, of these competing regimes are harmonized with each other and, as a result, the adoption of yet another cybersecurity regulation would add to the already heavy regulatory burden facing financial institutions without, necessarily, resulting in improved cybersecurity.15
To the extent that the proposed framework contemplates applying new cybersecurity rules not just to financial institutions but also to their third-party service providers, there is a concern that rules tailored for large financial institutions would not easily down-scale to smaller companies in different industries and with different risk profiles.16 Further, the additional compliance costs imposed on third-party vendors could potentially drive them away from providing services to the financial sector or stifle innovation.17
As an alternative to binding, prescriptive rules, the agencies should consider adopting a set of flexible, risk-based guidelines, similar to the NIST Cybersecurity Framework, that would allow financial institutions to assess and mitigate their particular cybersecurity risks. Specific, prescriptive rules are likely to become outdated by technological developments and, further, encourage regulated entities to focus on merely complying with the rules rather than seeking to comprehensively address their outstanding cybersecurity risks.18
Second, the Trump Administration itself has signaled that it has a limited appetite for major new regulations. Shortly after taking office, President Trump told a group of business leaders that he intends to cut federal regulations by 75 percent or “maybe more.”19 On January 30, 2017, the President signed an executive order which, among other things, required that federal agencies identify two existing regulations for elimination for each new regulation that is proposed.20 Although the “two-for-one” limitation does not apply to independent regulatory agencies such as the FRB, the OCC, and the FDIC,21 the White House nonetheless stated that it is encouraging independent regulatory agencies to “identify existing regulations that, if repealed or revised, would achieve cost savings that would fully offset the costs of new significant regulatory actions.”22
Finally, although the Trump Administration has not yet settled on a comprehensive cybersecurity policy, early indications show that it is likely to favor “public-private” partnerships and other incentives over new mandatory regulations. For example, President Trump’s pick to head the Securities and Exchange Commission, Jay Clayton, has said that he does not believe in regulations to impose cybersecurity mandates on businesses.23Further, an early draft of a proposed Executive Order on cybersecurity – which has not yet been signed – directed the federal government to study “economic or other incentives” to encourage the private sector to adopt effective cybersecurity measures.24 This suggests that the Trump Administration is considering a host of ways to promote cybersecurity risk management in the private sector beyond compulsory regulations.
Industry opposition, coupled with the stated reluctance of the Trump Administration to pursue broad new regulatory regimes, may result in the proposed cybersecurity framework being scaled back or even left to wither and die on the vine. However, even in their absence banks and other large financial institutions must continue to comply with the plethora of existing state, federal, international, and industry standards that already apply. Whether and how the proposed framework – and any new rules that emerge therefrom – fits into the existing regulatory scheme so far remains to be seen.
© Copyright 2017 Cadwalader, Wickersham & Taft LLP
1 See Press Release, Agencies Issue Advanced Notice of Proposed Rulemaking on Enhanced Cyber Risk Management Standards (Oct. 19, 2016),available at https://www.federalreserve.gov/newsevents/press/bcreg/20161019a.htm.
2 Enhanced Cyber Risk Management Standards (Oct. 19, 2016), available athttps://www.federalreserve.gov/newsevents/press/bcreg/bcreg20161019a1.pdf.
3 Id. at 8.
4 Id. at 24-26.
5 Id. at 26-29.
6 Id. at 31-32.
7 Id. at 33-35.
8 Id. at 39.
9 Id. at 39.
10 Id. at 40.
12 Id. at 44-45.
13 See, e.g., Comments of Consumer Data Industry Association, at 2-6 (Jan. 12, 2017), available athttps://www.federalreserve.gov/SECRS/2017/February/20170206/R-1550/R-1550_011317_131681_551357712049_1.pdf. We note that any financial institution large enough to be covered by the proposed standards is likely to have operations outside of the U.S. and, thus, may be subject to cybersecurity or data protection regimes in other jurisdictions, such as the EU’s General Data Privacy Regulation (“GDPR”). We discussed the GDPR in a recent Clients & Friends Memorandum. See S. Baker, J. Facciponti, J. Rennie, and J. Tampi, The EU’s New Data Protection Regulation – Are Your Cybersecurity and Data Protection Measures up to Scratch? (Mar. 6, 2017). We further discussed the New York State cybersecurity rules in a separate client memorandum. See J. Facciponti, J. Moehringer, and H. Wizenfeld, New York State Revises “First-In-Nation” Cybersecurity Rules (Jan. 10, 2017).
14 See, e.g., Comments of SIFMA, ABA, and IIB, at 3 (Feb. 17, 2017), available athttps://www.federalreserve.gov/SECRS/2017/February/20170221/R-1550/R-1550_021717_131711_434399470067_1.pdf (“The Agencies’ [proposed rules] risks undermining the cybersecurity efforts of financial institutions by failing to fully recognize extensive efforts that firms have already made to implement risk-based approaches such as the NIST Cybersecurity Framework and existing federal requirements.”) (“SIFMA Comments”); Comments by the U.S. Chamber of Commerce, at 4-5 (Jan. 18, 2017), available athttps://www.federalreserve.gov/SECRS/2017/February/20170208/R-1550/R-1550_011817_131688_286658311250_1.pdf (“Chamber of Commerce Comments”).
15 See, e.g., Comments of Financial Services Sector Coordinating Council, at 5 (Feb. 17, 2017), available athttps://www.federalreserve.gov/SECRS/2017/February/20170221/R-1550/R-1550_021717_131709_429070260162_1.pdf; Comments of Financial Services Roundtable/BITS, at 3-4 (Feb. 16, 2017), available athttps://www.federalreserve.gov/SECRS/2017/February/20170221/R-1550/R-1550_021617_131723_560608420203_1.pdf; Comments of Electronic Transactions Association, at 1-4 (Feb. 13, 2017), available athttps://www.federalreserve.gov/SECRS/2017/March/20170307/R-1550/R-1550_030717_131766_542476603001_1.pdf (“ETA Comments”); Chamber of Commerce Comments, at 10-11.
16 See, e.g., ETA Comments, at 5; Comments of Mastercard Worldwide, at 3-4 (Jan. 17, 2017), available athttps://www.federalreserve.gov/SECRS/2017/February/20170203/R-1550/R-1550_011717_131679_551358024222_1.pdf; Comments by IHS Markit, at 4 (Feb. 17, 2017), available at https://www.federalreserve.gov/SECRS/2017/March/20170303/R-1550/R-1550_021717_131731_315895562414_1.pdf.
17 See, e.g., Comments of Amazon Web Services, at 5 (Feb. 17, 2017), available athttps://www.federalreserve.gov/SECRS/2017/March/20170307/R-1550/R-1550_030717_131764_542476134029_1.pdf; SIFMA Comments, at 5.
18 See, e.g., Comments by Information Technology Counsel, at 13 (Feb. 17, 2017), available athttps://www.federalreserve.gov/SECRS/2017/March/20170303/R-1550/R-1550_021717_131706_428178516928_1.pdf; Comments by Business Roundtable, at 2 (Feb. 13, 2017), available at https://www.federalreserve.gov/SECRS/2017/February/20170227/R-1550/R-1550_021417_131700_411451111014_1.pdf; Chamber of Commerce Comments, at 3, 6-10 (“There is no regulatory silver bullet for cybersecurity. The complex, dynamic nature of cyber risk makes pursuing flexible, tailored approaches critical.”); Comments of North American CRO Council, at 1 (Jan. 17, 2017), available at https://www.federalreserve.gov/SECRS/2017/February/20170203/R-1550/R-1550_011717_131686_503116251901_1.pdf.
19 See J. Pramuk, Trump tells business leaders he wants to cut regulations by 75% or ‘maybe more’, CNBC (Jan. 23, 2017), available athttp://www.cnbc.com/2017/01/23/trump-tells-business-leaders-he-wants-to-cut-regulations-by-75-percent-or-maybe-more.html.
20 See Executive Order, Reducing Regulation and Controlling Regulatory Costs (Jan. 30, 2017), available athttps://www.whitehouse.gov/the-press-office/2017/01/30/presidential-executive-order-reducing-regulation-and-controlling.
21 See 44 U.S.C. § 3502(5).
22 See Memorandum: Interim Guidance Implementing Section 2 of the Executive Order of January 30, 2017, Titled, “Reducing Regulation and Controlling Regulatory Costs” (Feb. 2, 2017), available at https://www.whitehouse.gov/the-press-office/2017/02/02/interim-guidance-implementing-section-2-executive-order-january-30-2017.
23 See Roger Yu, Honed by Wall Street: What Makes Trump SEC Chair Pick Jay Clayton Tick, USA Today (Jan. 4, 2017), available athttp://www.usatoday.com/story/money/2017/01/04/donald-trumps-sec-chair-nominee-comes-deep-wall-street-ties/96162306/.
24 See Draft Executive Order, Strengthening U.S. Cyber Security and Capabilities, at 4-5, available athttps://apps.washingtonpost.com/g/documents/world/read-the-trump-administrations-draft-of-the-executive-order-on-cybersecurity/2306/.
The Congressional Budget Office (CBO) released its cost estimate of the American Health Care Act (AHCA) as reported by the Committees on Ways and Means and Energy and Commerce. CBO estimates that AHCA would reduce federal deficits by $337 billion over ten years. The total consists of $323 billion in on-budget savings and $13 billion in off-budget savings. The outlays would be reduced by $1.2 trillion over the same period, and revenues would be reduced by $883 billion.
CBO and the Joint Committee on Taxation estimate that 14 million more people would be uninsured under the AHCA in 2018. CBO further projects that “following additional changes to subsidies for insurance purchased in the nongroup market and to the Medicaid program, the increase in the number of uninsured people relative to the number under current law would rise to 21 million in 2020 and then to 24 million in 2026.” By 2026, CBO estimates 52 million people would be uninsured, as compared with 28 million who would lack insurance that year under current law.
CBO and JCT estimate that average health insurance premiums in the individual market would be 15 percent to 20 percent higher than under the ACA. This is because the individual mandate penalties would be eliminated, leading to fewer healthy people signing up for insurance.
JCT and CBO estimate that the AHCA would result in private sector mandates totaling $156 million in 2017, adjusted annually for inflation. Finally, CBO is uncertain about part of its estimates as it cannot determine “the ways in which federal agencies, states, insurers, employers, individuals, doctors, hospitals, and other affected parties would respond to the changes made by the legislation…”
In accordance with the Congressional Budget and Impoundment Control Act of 1974, the House Budget Committee is scheduled to meet this week to report the reconciliation bill. The Committee’s role is simply to package the two bills from the Energy and Commerce and Ways and Means Committees.
Following the Budget Committee’s action, the House Rules Committee will meet to develop a rule, which would govern floor debate for the American Health Care Act. It is possible the Rules Committee may fold bills reported by the Education and the Workforce Committee into the reconciliation package. The House Majority Leadership plans to take the AHCA to the floor next week.
In the Senate, Majority Leader Mitch McConnell [R-KY] plans to skip the committee process and take up the House-passed bill. As this legislation works its way through the Congress, we will provide further client alerts as necessary.