New Survey Shows that Americans are Ready for More Deliveries by Drone

Auterion, a drone software company, commissioned a survey from the market research company, Propeller Insights, of 1,022 adults. The survey was gender-balanced and distributed across age groups from 18 to 65+, living in rural, suburban, and city environments in the United States, and was conducted in May 2022.

In the report summarizing the survey, “Consumer Attitudes on Drone Delivery,” Auterion reveals that 58 percent of Americans like the idea of drone deliveries, and 64 percent think drones are becoming an option for home delivery now or will be in the near future. With more than 80 percent of those surveyed reporting that they have packages delivered to their homes on a regular basis, the survey finds that Americans are generally ready to integrate drone delivery into daily life for ease and speed. Of the 64 percent who see drones becoming a more common option for home delivery, 32 percent think it’s possible now or within the next 1 to 2 years.

Only 36 percent of those surveyed had doubts about this type of drone integration, including some individuals who think the general public or governments will not approve of large-scale drone adoption for delivery and others who just prefer that drone delivery doesn’t happen at all.

With individuals choosing more than one option, the survey found that the most common types of home package deliveries reported by consumers today, by vehicles and trucks, are:

  • 39 percent – groceries

  • 34 percent – clothing

  • 33 percent – household items

  • 31 percent – meals

  • 27 percent – medicine

  • 11 percent – baby food/needs

Based on these findings, those surveyed were also asked if they were willing to consider drones as a “new corner store” for conveniently delivering small and last-minute necessities: 54 percent of the individuals said “yes.”

With regard to concerns related to these drone deliveries, 43 percent of those surveyed fear the drone will break down and they will not receive their item, and 19 percent are worried about not having human interaction with their delivery person. However, drone delivery and systems provide accurate trackability and direct delivery, and, therefore are more capable of accurate delivery timing. Delivery drones are built to analyze the environment with precision, to communicate through control software in a common language and predict safe landing spots for the packages. Air space is becoming a great option in a time when highways are filled with cars and trucks, and fuel prices are rising. Drones can help to reduce our reliance on gas-powered delivery vehicles, and provide safer, more flexible, and more cost-effective delivery.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.

CPSC Sues Amazon to Force Recall of Hazardous Products Sold on Amazon.com

The U.S. Consumer Product Safety Commission (CPSC) announced on July 14, 2021, that it filed an administrative complaint against Amazon.com, “the world’s largest retailer, to force Amazon to accept responsibility for recalling potentially hazardous products sold on Amazon.com.” CPSC claims that the specified products sold through Amazon’s “fulfilled by Amazon” (FBA) program are defective and pose a risk of serious injury or death to consumers and that Amazon is legally responsible to recall them. According to the complaint, the products include “24,000 faulty carbon monoxide detectors that fail to alarm, numerous children’s sleepwear garments that are in violation of the flammable fabric safety standard risking burn injuries to children, and nearly 400,000 hair dryers sold without the required immersion protection devices that protect consumers against shock and electrocution.”

CPSC filed the complaint under the Consumer Product Safety Act (CPSA). According to the complaint, Amazon acts as a “distributor,” as defined by CPSA, of its FBA products by: (a) receiving delivery of FBA consumer products from a merchant with the intent to distribute the product further; (b) holding, storing, sorting, and preparing for shipment FBA products in its warehouses and fulfillment centers; and (c) distributing FBA consumer products into commerce by delivering FBA products directly to consumers or to common carriers for delivery to consumers.

The complaint states that after CPSC notified Amazon about the hazards presented by the specified products, Amazon took “several unilateral actions,” including:

  • Removing the Amazon Standard Identification Numbers (ASIN) for certain of the specified products; and
  • Notifying consumers who purchased certain of the specified products that they could present a hazard. Amazon also offered a refund to these consumers in the form of an Amazon gift card credited to their account.

According to the complaint, these actions “are insufficient to remediate the hazards posed by the Subject Products and do not constitute a fully effectuated Section 15 mandatory corrective action ordered by” CPSC. The complaint states that “[a] Section 15 order requiring Amazon to take additional actions in conjunction with the CPSC as a distributor is necessary for public safety.” The complaint asks CPSC to:

  1. Determine that Amazon is a distributor of consumer products in commerce, as those terms are defined in the CPSA;
  2. Determine that the specified products are substantial product hazards under CPSA Sections 15(a)(1), 15(a)(2), and 15(j);
  3. Determine that public notification in consultation with CPSC is required to protect the public adequately from substantial products hazards created by the specified products, and order Amazon to take actions set out in CPSA Section 15(c)(1), including but not limited to:
    1. Cease distribution of the specified products, including removal of the ASINs and any other listings of the specified products and functionally identical products, from Amazon’s online marketplace and identifying such ASINs to CPSC;
    2. Issue a CPSC-approved direct notice to all consumers who purchased the specified products that includes a particularized description of the hazard presented by each specified product and encourage the return of the specified product;
    3. Issue a CPSC-approved press release, as well as any other public notice documents or postings required by CPSC staff, that inform consumers of the hazard posed by the specified products and encourage the return or destruction of the specified products;
  4. Order that Amazon facilitate the return and destruction of the specified products, at no cost to consumers, to protect the public adequately from the substantial product hazard posed by the specified products, and order Amazon to take actions set out in CPSA Section 15(d)(1), including but not limited to:
    1. Refund the full the purchase price to all consumers who purchased the specified products and, to the extent not already completed, conditioning such refunds on consumers returning the specified products or providing proof of destruction;
    2. Destroy the specified products that are returned to Amazon by consumers or that remain in Amazon’s inventory, with proof of such destruction via a certificate of destruction or other acceptable documentation provided to CPSC staff;
    3. Provide monthly progress reports to reflect, among other things, the number of specified products located in Amazon’s inventory, returned by consumers, and destroyed;
    4. Provide monthly progress reports identifying all functionally equivalent products removed by Amazon from amazon.com pursuant to the CPSC Order, including the ASIN, the number distributed prior to removal, and the platform through which the products were sold;
  5. Provide monthly reports summarizing the incident data submitted to CPSC through the Retailer Reporting Program;
  6. Order that Amazon is prohibited from distributing in commerce the specified products, including any functionally identical products; and
  7. Order that Amazon take other and further actions as CPSC deems necessary to protect the public health and safety and to comply with CPSA and the Flammable Fabrics Act (FFA).

CPSC “urges consumers to visit SaferProducts.gov to check for recalls prior to purchasing products and to report any incidents or injuries to the CPSC.” CPSC published the complaint in the July 21, 2021, Federal Register. 86 Fed. Reg. 38450.

Commentary

In CPSC’s July 14, 2021, press release, Acting Chair Robert Adler states that the decision to file an administrative complaint is “a huge step across a vast desert — we must grapple with how to deal with these massive third-party platforms more efficiently, and how best to protect the American consumers who rely on them.” According to The Washington Post, CPSC issued the administrative complaint “after months of behind-the-scenes negotiations between regulators and Amazon as the agency tried to persuade the company to follow the CPSC’s rules for getting dangerous products off the market, according to a senior agency official who spoke on the condition of anonymity to comment on internal discussions.” This same official stated that “Amazon officials refused to acknowledge that the CPSC has the authority to compel the company to remove unsafe products.”

As reported in our February 16, 2018, blog item, “EPA Settles with Amazon on Distribution of Unregistered Pesticides,” the U.S. Environmental Protection Agency (EPA) and Amazon entered into a Consent Agreement and Final Order (CAFO) whereby Amazon agreed to pay $1,215,700 in civil penalties for approximately 4,000 alleged violations under Section 3 of the Federal Insecticide, Fungicide, and Rodenticide Act (FIFRA) for the distribution of unregistered pesticide products. EPA later issued stop sale, use, or removal orders (SSURO) to Amazon and eBay for selling certain pesticide products that EPA claims are unregistered, misbranded, or restricted-use pesticides, and pesticide devices that EPA asserts make false or misleading claims. More information on the SSURO is available in our June 17, 2020, blog item, “EPA Issues Stop Sale, Use, or Removal Orders to Amazon and eBay for Unregistered and Misbranded Pesticides and Devices, Including Products with Claims Related to COVID-19.”

As reported in our October 9, 2020, blog item, Representatives Frank Pallone, Jr. (D-NJ), Chair of the House Committee on Energy and Commerce, and Jan Schakowsky (D-IL), Chair of the House Energy and Commerce Subcommittee on Consumer Protection and Commerce, requested that Amazon Chief Executive Officer (CEO) and Chair Jeff Bezos launch an investigation into the safety of Amazon’s product line, AmazonBasics, and answer a series of questions pertaining to the company’s product safety and recall practices. The Committee’s October 7, 2020, press release notes that the request comes after a CNN investigation found that many of AmazonBasics’ electronic products “have exploded, caught fire, sparked, melted, or otherwise created hazardous situations at rates well above comparable products.” According to the press release, many of these products were never recalled and continue to be sold.

CPSC’s administrative complaint is just the latest indication of the pressure on Amazon to ensure the safety of the products the platform hosts. These federal agency and Congressional efforts will almost certainly cause more pressure on product manufacturers to ensure the products they offer for sale on Amazon are compliant with the relevant regulations.


©2021 Bergeson & Campbell, P.C.

Article By Lynn L. Bergeson, Lisa M. Campbell and Carla N. Hutton at Bergeson & Campbell, P.C. For more CPSC news, see the Consumer Protection section of the National Law Review.

CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations

On December 10, 2020, the French Data Protection Authority (the “CNIL”) announced that it has levied fines of €60 million on Google LLC and €40 million on Google Ireland Limited under the French cookie rules for their alleged failure to (1) obtain the consent of users of the French version of Google’s search engine (google.fr) before setting advertising cookies on their devices; (2) provide users with adequate information about the use of cookies; and (3) implement a fully effective opt-out mechanism to enable users to refuse cookies. On the same date, the CNIL announced that it has levied a fine of €35 million on Amazon Europe Core under the same rules for its alleged failure to (1) obtain the consent of users of the amazon.fr site before setting advertising cookies on their devices; and (2) provide adequate information about the use of cookies.

Background

The French cookie rules are laid down in (1) Article 82 of the French Data Protection Act, which implements into French law the provisions of the EU ePrivacy Directive governing the use of cookies; and (2) soft law instruments aimed at guiding operators in implementing Article 82 of the French Data Protection Act in practice.

While the provisions of Article 82 of the French Data Protection Act have remained unchanged, the CNIL revised its soft law instruments to take into account the strengthened consent requirements of the EU General Data Protection Regulation (“GDPR”). On July 18, 2019, the CNIL published new guidelines on the use of cookies and similar technologies (the “Guidelines”). The Guidelines repealed the CNIL’s 2013 cookie recommendations that were no longer valid in light of the GDPR’s consent requirements. The Guidelines were to be complemented by recommendations on the practical modalities for obtaining users’ consent to set or read non-essential cookies and similar technologies on their devices (the “Recommendations”). On October 1, 2020, the CNIL published a revised version of its Guidelines and its final Recommendations. The CNIL announced that it would allow for a transition period of six months to comply with the new cookie law rules (i.e., until the end of March 2021), and that it would carry out inspections to enforce the new rules after that transition period. However, the CNIL made clear that it reserves the right to take action against certain infringements, especially in cases of particularly serious infringements of the right to privacy. In addition, the CNIL announced that it would continue to investigate infringements of the previous cookie law rules.

Against that background, on December 2019, March 6 and May 19, 2020, the CNIL carried out three remote inspections of the amazon.fr website and an onsite inspection at the premises of the French establishment of the Amazon group, Amazon Online France SAS. On March 16, 2020, the CNIL also carried out a remote inspection of the google.fr site. These inspections aimed to verify whether Google LLC and Google Ireland Limited and Amazon Europe Core complied with the French Data Protection Act, and in particular with its Article 82, when setting or reading non-essential cookies on the devices of users living in France who visited google.fr and amazon.fr websites. In its press releases, the CNIL stressed that its sanctions against Google and Amazon punished breaches of obligations that existed before the GDPR and are not part of the obligations clarified by the new Guidelines and Recommendations.

CNIL’s Jurisdiction Over Google Ireland Limited’s and Amazon Europe Core’s Cookie Practices

Google and Amazon challenged the jurisdiction of the CNIL arguing that (1) the cooperation mechanism of the GDPR (known as the one-stop-shop mechanism) should apply and the CNIL is not their lead supervisory authority for the purposes of that mechanism; and (2) their cookie practices do not fall within the territorial scope of the French Data Protection Act. Pursuant to Article 3 of the French Data Protection Act, it applies to the processing of personal data carried out in the context of the activities of an establishment of a data controller (or data processor) in France. In that respect, Amazon argued that its French establishment was not involved in the setting of cookies on the amazon.fr site and that there is no inextricable link between the activities of the French establishment and the setting of cookies by Amazon Europe Core, the Luxembourg affiliate of the Amazon group, responsible for the European Amazon websites, including the French site. Google argued that, because the one-stop-shop mechanism should apply, its Irish affiliate, Google Ireland Limited, is the actual headquarters of the Google group in Europe and thus its main establishment for the purposes of the one-stop-shop mechanism. Accordingly, the Irish Data Protection Commissioner would be the only competent supervisory authority.

Inapplicability of the One-Stop-Shop Mechanism of the GDPR

In the initial version of its Guidelines, the CNIL made clear that it may take any corrective measures and sanctions under Article 82 of the French Data Protection Act, independently of the GDPR’s cooperation and consistency mechanisms, because the French cookie rules are based on the EU ePrivacy Directive and not the GDPR. Unsurprisingly, therefore, the CNIL rejected the arguments of Google and Amazon, considering that the EU ePrivacy Directive provides for its own mechanism, designed to implement and control its application. Accordingly, the CNIL concluded that the one-stop-shop mechanism of the GDPR does not apply to the enforcement of the provisions of the EU ePrivacy Directive, as implemented under French law.

To prevent such a situation in the future and ensure consistent interpretation and enforcement of both sets of rules, the European Data Protection Board (the “EDPB”) has called for the GDPR’s cooperation and consistency mechanism to be used for the supervision of the future cookie rules under the ePrivacy Regulation, which will replace the ePrivacy Directive. The CNIL did not wish to pre-empt this future development, and applied the relevant texts literally in its cases against Google and Amazon.

CNIL’s Territorial Jurisdiction

 The CNIL, citing the rulings of the Court of Justice of the European Union in the Google Spain and Wirtschaftsakademie cases, took the view that the use of cookies on the French site (google.fr and amazon.fr respectively) was carried out in the context of the activities of the French establishment of the companies, because that establishment promotes their respective products and services in France.

Controllership Status of Google LLC

Following his investigation, the Rapporteur of the CNIL considered that Google Ireland Limited and Google LLC are joint controllers in respect of the processing consisting in accessing or storing information on the device of Google Search users living in France.

Google argued that Google Ireland Limited is solely responsible for those operations and that Google LLC is a processor. Google stressed that (1) its Irish affiliate participates in the various decision-making bodies and in the different stages of the decision-making process implemented by the group to define the characteristics of the cookies set on Google Search; and (2) differences exist between the cookies set on European users’ devices and those set on the devices of other users (e.g., shorter retention periods, no personalized ads served to children within the meaning of the GDPR, etc.), which demonstrate the decision-making autonomy of Google Ireland Limited.

In its decision, the CNIL found that Google LLC is also represented in the bodies that adopt decisions relating to the deployment of Google products within the European Economic Area and in Switzerland, and to the processing of personal data of users living in those regions. The CNIL also found that Google LLC exercises a decisive influence in those decision-making bodies. The CNIL further found that the differences in the cookie practices were just differences in implementation, mainly intended to comply with EU law. According to the CNIL, those differences do not affect the global advertising purpose for which the cookies are used. In the CNIL’s view, this purpose is also determined by Google LLC, and the differences invoked by Google are not sufficient to demonstrate the decision-making autonomy of Google Ireland Limited. In addition, the CNIL found that Google LLC also participates in the determination of the means of processing since Google LLC designs and builds the technology of cookies set on the European users’ devices. The CNIL concluded that Google LLC and Google Ireland Limited are joint controllers.

Cookie Violations

Setting of advertising cookies without obtaining the user’s prior consent

The CNIL’s inspection of the google.fr website revealed that, when users visited that site, seven cookies were automatically set on their device. Four of these cookies were advertising cookies.

In the case of Amazon, the investigation revealed that, whenever users first visited the home page of the amazon.fr website or visited the site after they clicked on an ad published on another site, more than 40 advertising cookies were automatically set on their device.

Since advertising cookies require users’ prior consent, the CNIL concluded that the companies failed to comply with the cookie consent requirement of Article 82 of the French Data Protection Act.

Lack of adequate information provided to users

When the CNIL inspected the google.fr website, the CNIL found that an information banner was displayed at the bottom of the page, with the following note: “Privacy reminder from Google,” and two buttons: “Remind me latter” and “Access now.” According to the CNIL, the banner did not provide users with information regarding the cookies that were already set on their device. Further, that information was also not immediately provided when users clicked on the “Access now” button. Google amended its cookie practices in September 2020. However, the CNIL found that the new pop-up window does not provide clear and complete information to users under Article 82 of the French Data Protection Act. In the CNIL’s view, the new pop-up window does not inform users of all the purposes of the cookies and the means available to them to refuse cookies. In particular, the CNIL found that the information provided to users does not enable them to understand the type of content and ads that may be personalized based on their behavior (e.g., whether this is geolocation-based advertising), the precise nature of the Google services that use personalization, and whether this personalization is carried out across different services. Further, the CNIL found that the terms “options” or “See more” in the new window are not explicit enough to enable users to understand how they can refuse cookies.

When inspecting the amazon.fr website, the CNIL found that the information provided to users was neither clear, nor complete. The cookie banner displayed on the site provided a general and approximate description of the purposes of the cookies (“to offer and improve our services”). Further, according to the CNIL, the “Read more” link included in the banner did not explain to users that they could refuse cookies, nor how to do so. The CNIL found that Amazon Europe Core’s failure to provide adequate information was even more obvious in the case of users visiting the site after they had clicked on an ad published on another site. In this case, no information was provided to them.

Opt-out mechanism partially defective

In the case of Google, the CNIL also found that, when a user deactivated the ad personalization on Google Search by using the mechanism available from the “Access now” button, one of the advertising cookies was still stored on the user’s device and kept reading information destined for the server to which the cookie was attached. The CNIL concluded that the opt-out mechanism was partially defective.

CNIL’s Sanctions

In setting the fines in both cases, the CNIL took into account the seriousness of the breaches of Article 82 of the French Data Protection Act, the high number of users affected by those breaches, and the financial benefits deriving from the advertising income indirectly generated from the data collected by the advertising cookies. Interestingly, in the case of Google, the CNIL cited a decision of the French Competition Authority and referred to Google’s dominant position in the online search market.

In both cases, the CNIL noted that the companies amended their cookie practices in September 2020 and stopped automatically setting advertising cookies. However, the CNIL found that the new information provided to users is still not adequate. Accordingly, the CNIL ordered the three companies to provide adequate information to users about the use of cookies on their respective sites. The CNIL also ordered a periodic penalty payment of €100,000 (i.e., the maximum amount permitted under the French Data Protection Act) for each day of delay in complying with the injunction, commencing three months following notification of the CNIL’s decision in each case.

The CNIL addressed its decisions to the French establishment of the companies in order to enforce these decisions. The companies have four months to appeal the respective decision before France’s highest administrative court (Conseil d’Etat).

Read the CNIL’s decision against Google LLC and Google Ireland Limited and the CNIL’s decision against Amazon Europe Core (currently available only in French).

Copyright © 2020, Hunton Andrews Kurth LLP. All Rights Reserved.

 

ARTICLE BY Hunton Andrews Kurth’s Privacy and Cybersecurity

 

For more articles on Google, visit the National Law Review Communications, Media & Internet section.

Amazon Ruling Impacts Prop 65 Issues

The 2020 Prop. 65 Clearinghouse conference marked another year of thought-provoking discussion on the current state of Proposition 65 regulations and litigation.  Although the Act is nearly 35 years old, trends in enforcement litigation and defenses are continuously evolving.  The Prop. 65 Clearinghouse does an excellent job of combining perspectives from the various stakeholders and litigants in the field.

Among the panels at this year’s conference, discussing topics from acrylamide litigation to warnings on marijuana products, was an excellent and lively discussion on the affirmative defense under the compelled speech doctrines of the First Amendment.  Briefly mentioned in that discussion was whether we may see an emergence of other protections from the Constitution invoked as defense to Prop. 65 actions.  Due Process and Commerce Clause were briefly mentioned among those other potential areas where we may see further constitutional defenses.

This discussion brought to mind other areas where federal law may preempt California’s Prop. 65.  In particular, and on the heals of the California Court of Appeal’s August 2020 decision in Bolger v. Amazon, the applicability of the federal Communications Decency Act of 1996.  To be clear, Bolger was not a Prop. 65 case.  However, the decision did briefly touch an area of federal preemption that can be used as a defense to Prop. 65 actions brought against Amazon and other online third-party seller platforms.

In Bolger, a woman was severely hurt following an explosion of a replacement laptop battery she purchased on Amazon from a third-party seller.  Amazon raised a number of defenses, including immunity from liability under title 47 U.S.C. section 230 – part of the Communications Decency Act (CDA).

The CDA is extremely important to the free flow of information on the internet as it shields online content platforms from being held liable as the speaker or publisher of third-party content.  Plaintiffs pursuing lawsuits based on state law “may hold liable the person who creates or develops unlawful [online] content, but not the interactive computer service provider who merely enables that content to be posted online.” (Nemet Chevrolet, Ltd. v. Consumeraffairs.com, Inc. (4th Cir. 2009) 591 F.3d 250, 254; see also, HomeAway.com, Inc. v. City of Santa Monica (9th Cir. 2019) 918 F.3d 676, 681.)

The Bolger Court found that the CDA did not protect Amazon from strict liability for the battery purchased on its website because speech was not the issue.  Liability was not rooted in a failure to adequately warn, for example.  The Court stated that Amazon’s liability in the case did not turn whether Amazon was classified as a speaker/publisher of content on amazon.com that had been provided by the third-party seller.  Instead, Amazon was found liable in Bolger because of its role in the transaction itself that was more akin to that of a “conventional retailer” and the Court subjected Amazon to strict liability as it would have for any other “conventional retailer.”  (In a future CMBG3 post, we will be discussing the ramifications of that retailer label, as well as the split among courts around the country on the issue.)

From a Prop. 65 perspective, the take-away from seemingly unrelated cases like Bolger and HomeAway.com is that CDA immunity may extend to lawsuits where a plaintiff is seeking to pursue a state law cause of action (i.e., enforcement of California’s Prop. 65) against an online platform for content provided by another.  In other words, the CDA could shield a company like Amazon from content-based lawsuits stemming from the alleged absence or inadequacy of a Prop. 65 warning that the third-party seller either neglected to post on the product page, or failed to provide the proper warning under Prop. 65.

For the third-party seller, not only should this be a reminder to review your obligations under regulations like Prop. 65, but also to read your vendor agreements with Amazon, Etsy, Walmart, Shopify and the like.  To keep the theme on Amazon, the Amazon Business Solutions Agreement includes indemnity provisions and regulatory compliance provisions (that specifically call out Prop. 65 compliance) that every vendor should understand.


©2020 CMBG3 Law, LLC. All rights reserved.
For more articles on Prop 65, visit the National Law Review Environmental, Energy & Resources section.

COVID-19 Whistleblower Protections: Few Options for Workers Reporting Unsafe Working Conditions

The United States has been rocked by the COVID-19 pandemic in innumerable ways and it has had profound and ongoing impacts on workers. One of the most vexing problems arising from COVID-19 has been protecting workers who object to employers that are failing to implement meaningful safety precautions to protect their workers during the pandemic. As just one of many examples, an Amazon employee was fired after he opposed the company’s failure to meaningfully protect warehouse employees who had potentially been exposed to the coronavirus. This article will examine our failures in addressing this problem through meaningful federal action and highlight instances where local legislators have passed laws to protect workers who find themselves facing this predicament.

The Deficiencies of Federal Law to Protect Workers During the Coronavirus Crisis

The primary federal law requiring a safe working environment is the Occupational Safety and Health Act (“OSH Act”). Section 11(c) of the OSH Act prohibits employers from discharging or discriminating against an employee because the employee exercised any rights under the Act, including the right to raise health or safety complaints. 29 U.S.C. § 660(c). The OSH Act theoretically protects an employee who refuses to work based on unsafe working conditions, although the requirements for a protected work refusal are stringent.

Unfortunately, the OSH Act does not effectively protect workers in general, much less in the face of a burgeoning pandemic. The Act does not have a private right of action, so employees who suffer retaliation for reporting unsafe working conditions cannot sue in court. Instead, Section 11(c) allows employees to file a complaint with the Occupational Safety and Health Administration (“OSHA”) and request that OSHA protect them. Thus, government officials ultimately decide what to do with the OSH Act complaint; if they fail to protect an employee, that employee has no other recourse under the statute. In addition, the OSH Act has a 30-day statute of limitations—the shortest of any federal anti-retaliation statute. Finally, the strict requirements governing what constitutes a protected refusal to work will leave many employees in the cold. OSHA officials have acknowledged the weakness of the OSH Act protections. In 2010, then-Deputy Assistant Secretary for Occupational Safety and Health, Jordan Barab, testified before Congress that Section 11(c)’s lack of a private right of action and statutory right of appeal were “[n]otable weaknesses” in the law. Mr. Barab also lamented the OSH Act’s “inadequate time for employees to file complaints.”

Several states have their own version of the OSH Act, protecting employees who raise concerns about workplace health and safety. Like the federal OSH Act, however, many of these state laws do not contain private rights of action. See, e.g., D.C. Code § 32-1117 (no private right of action); Md. Code, Labor & Empl. § 5-604 (same); but see Va. Code § 40.1-51.2:2 (providing private right of action and a 60-day limitations period for filing a complaint).

Proposed Legislation to Protect Whistleblowers

The Coronavirus Oversight and Recovery Ethics Act (“CORE Act”) put in place meaningful protections against retaliation for individuals who report waste, fraud, and abuse related to government funds that were distributed to combat the COVID-19 pandemic. Like other recent whistleblower protection legislation, it is primarily enforced through the Department of Labor but permits whistleblowers to “kick out” their claims into federal court. Further, language in the bill nullifies the effectiveness of pre-dispute mandatory arbitration provisions with respect to claims asserted under the law. In many ways, it is a model piece of whistleblower protection legislation.

One significant omission from the CORE Act, however, is language amending the OSH Act or otherwise granting meaningful protections to whistleblowers who report workplace health and safety concerns related to COVID-19. Thus, nothing in the bill purports to protect an individual who refuses to come to work, or opposes her employer’s practices, because her employer has failed to take sufficient steps to mitigate COVID-19-related risk to employee health. In most of the country, employees in that situation are left with the OSH Act as their primary recourse for protection against retaliation.

Given the clear deficiencies in the OSH Act’s protections of whistleblowers concerned about workplace safety, whistleblower advocacy organizations like the Project on Government Oversight (“POGO”) have pushed for Congress to pass legislation that would, among other things, “prohibit retaliation against essential workers making disclosures related to worker or public health and safety during the pandemic.” On June 15, 2020, in response to calls from groups like POGO, Senator Kamala Harris and Representatives Jackie Speier and Jamie Raskin introduced the COVID-19 Whistleblower Protection Actto expand the whistleblower protections of the CORE Act.

Protecting Whistleblowers at the Local Level

Given the lack of federal action to address this problem, some municipalities have passed legislation specifically designed to protect employees who report COVID-19-related workplace safety concerns. For example, Mayor Kenney of Philadelphia recently signed into law Bill No. 200328, which requires employers to “comply with all aspects of public health orders addressing safe workplace practices to mitigate risks” related to COVID-19. The bill further states that “[n]o employer shall take any adverse employment or other action against an employee” who refuses to work in conditions that do not comply with public safety guidelines, and that “no employer shall take any adverse employment or other action against any employee for making a protected disclosure.” A “protected disclosure” is defined as a “good faith communication” disclosing information “that may evidence a violation of a public health order that may significantly threaten the health or safety of employees or the public, if the disclosure or intention to disclose was made for the purpose of remedying such violation.” The legislation includes a private right of action and permits awards to successful litigants including reinstatement, back pay, compensatory damages, and liquidated damages “of $100 to $1000 on behalf of the City for each day in which a violation occurs.”

In late May, the City of Chicago enacted a bill that contained slightly narrower but still powerful protections. In the bill, the City of Chicago prohibited employers from retaliating against employees for complying with public health orders relating to COVID-19 issued by the City or the State or for following COVID-19-related quarantine instructions from a treating health care provider. The protections extend to employees who are caring for an individual subject to such a quarantine. The bill includes a remarkable damages provision entitling successful claimants to liquidated damages “equal to three times the full amount of wages that would have been owed had the retaliatory action not taken place.”

These actions by municipalities are meaningful and offer critical protections to citizens living in those cities. At the same time, the need for this local legislation highlights the glaring absence of meaningful protections for workers in the rest of the country. It seems that every week we hear more horror stories about conditions in which workers are forced to work during this pandemic, lest they risk losing their jobs in the midst of a devastating economic downturn. The weaknesses in the OSH Act and the absence of even proposed federal legislation that would fill this critical gap in protection is a moral failure.


Copyright Katz, Marshall & Banks, LLP

For more on COVID-19 related whistleblowing, see the National Law Review Coronavirus News section.

Hackers Eavesdrop and Obtain Sensitive Data of Users Through Home Smart Assistants

Although Amazon and Google respond to reports of vulnerabilities in popular home smart assistants Alexa and Google Home, hackers continually work hard to exploit any vulnerabilities to be able to listen to users’ every word to obtain sensitive information that can be used in future attacks.

Last week, it was reported by ZDNet that two security researchers at Security Research Labs (SRLabs) discovered that phishing and eavesdropping vectors are being used by hackers to “provide access to functions that developers can use to customize the commands to which a smart assistant responds, and the way the assistant replies.” The hackers can use the technology that Amazon and Google provides to app developers for the Alexa and Google Home products.

By putting certain commands into the back end of a normal Alexa/Google Home app, the attacker can silence the assistant for long periods of time, although the assistant is still active. After the silence, the attacker sends a phishing message, which makes the user believe had nothing to do with the app that they interacted with. The user is then asked for the Amazon/Google password and sends a fake message to the user that looks like it is from Amazon or Google. The user is then sent a message claiming to be from Amazon or Google and asking for the user’s password. Once the hacker has access to the home assistant, the hacker can eavesdrop on the user, keep the listening device active and record the users’ conversations. Obviously, when attackers eavesdrop on every word, even when it appears the device is turned off, they can obtain information that is highly personal and can be used malevolently in the future.

The manufacturers of the home smart assistants reiterate to users that the devices will never ask for their account password. Cyber hygiene for home assistants is no different than cyber hygiene with emails.


Copyright © 2019 Robinson & Cole LLP. All rights reserved.

For more hacking risk mitigation, see the National Law Review Communications, Media & Internet law page.

Amazon Takes Aim at Patent Infringement in its Marketplace

Amazon CEO Jeff Bezos recently disclosed that gross merchandise sales in the Amazon Marketplace by independent third-party sellers (as opposed to sales made directly by Amazon itself) had grown to 58% of total sales. According to data company Statista, 73% of those sellers were small businesses with between 1-5 employees. For many of them, sales on Amazon comprise their entire revenue.

Discussion of the opportunity Amazon Marketplace represents for small business, however, is joined by the voices of many retailers complaining about sales of counterfeit and stolen goods. To better police its online sales, Amazon has launched initiatives such as Project Zero which allows owners of brands to delete counterfeit products.

The online retail giant’s latest enforcement effort—designed to combat patent infringement—has been dubbed the Utility Patent Neutral Evaluation Procedure (UPNEP). Under this new trial program, a company that believes certain products for sale on the Amazon Marketplace infringe its patents can request an evaluation by depositing $4,000. If the seller does not dispute the accusation, Amazon removes the infringing products from the marketplace, and refunds the deposit to the patent owner. If the seller decides to fight the claim, it also deposits $4,000. Amazon then assigns a lawyer with patent expertise to resolve the dispute. The patent owner submits an opening brief, the merchant files a response, and then the patent owner may submit a reply. The lawyer reviews the submissions, and decides whether the listing should be removed or maintained. The winner gets its money back, and the loser’s $4,000 gets paid to the lawyer. There is no discovery, and no appeal or request for reconsideration. The whole process takes just a few months from start to finish.

Many stakeholders in the Amazon ecosystem have applauded the UPNEP as providing both patent owners and Amazon merchants with a quick and cost-effective mechanism for resolving infringement disputes arising from third-party listings. While participation in the program does not prevent a patent owner from commencing a lawsuit, many sellers do not reside in the United States, and thus may not be subject to service of process in a U.S. federal court. Without UPNEP, patent owners would have little to no recourse in such cases.

Law firms with IP litigation expertise are already offering to represent both patent owners and accused sellers in connection with the program. One such firm told The Information that his client boosted sales by 700% after using UPNEP to remove listings that were knockoffs of the client’s patented product. Consultants who advise Amazon sellers are also positioning specialized services. One such consultant advised The Information that a cup manufacturer client had used UPNEP to remove 170 product listings that it believed were infringing its patents.

There are some detractors, however. Deriding the new initiative as “the District of Amazon Federal Court,” Paul Morinville of IP Watchdog says the new initiative is a symptom of a broken patent system. He questions, among other issues, whether the lawyers evaluating the claims will be impartial, or beholden to Amazon’s interests.

Expert Peter Kent, who has served as an expert in several Amazon-related cases, is monitoring developments closely. “A critical question in my mind about the UPNEP program,” explains Kent, “is whether it will be exploited by larger companies trying to knock out competitors using spurious patent claims. For instance, if a small merchant who can’t afford the $4,000 doesn’t respond, their product listings are automatically removed, regardless of the merits of the petitioning company’s patent claims.”

We’ll continue to monitor whether UPNEP—and the model it represents—becomes popular for resolving disputes between patent owners and merchants. With experience on more than 5,000 patent matters in the past decade, proprietary intelligence systems, and the best-in-class network of top experts from complex areas ranging from 5G, artificial intelligence, and virtual reality, IMS stand ready to connect you with the expert best-aligned for your needs.

© Copyright 2002-2019 IMS ExpertServices, All Rights Reserved.

Amazon 2-Day Free Shipping to Serve Divorce Papers: The Bezos Divorce through the Lens of New Jersey Law

Earlier this month, Amazon founder Jeff Bezos and his wife Mackenzie announced their plans to divorce, setting off speculation as to what would occur with their estimated $138 billion in net worth.

From a first glance, you may assume that the Bezos divorce would be much more acrimonious and hard fought than a case involving the typical John and Jane Doe case as the thought may be that there is more to fight for financially.

However, wealth in these incredibly high net worth cases actually removes many of the most challenging issues in divorce like payment of legal and expert fees or trying to continue the lifestyle for both parties with insufficient income from both parties to same to occur. The world’s richest couple will not have these challenges.

Instead, high net worth divorces have a whole different set of challenges that middle-class families typically do not need to consider.

First, the logical step-wise process in any division of assets and debts in a divorce is to ascertain, account for and value all of the assets and debts owned by either or both parties. For the Bezoses and other high net worth divorcees, this will likely be a complex, incredibly time-consuming process.

Beyond typical assets like cash, brokerage accounts, and retirement assets, parties like the Bezoses likely have ownership interests in many separate enterprises, corporations, partnerships, subsidiaries, investment trusts, along with extensive real estate, private equity holdings, and even art and jewelry collections all of which need to be accounted for and valued. Trusts and incredibly complex ownership structures will need to be investigated, digested and analyzed.

The Bezoses are going to need all sorts of professionals supervising and drafting documents to make sure that any kind of asset transfer will be well drafted and will protect both parties. If we do find any details about the Bezoses settlement (which I expect to remain private, as further outlined below), it will not likely be completed for years to come.

The most expensive part of the divorce process is not likely to be legal fees, but rather fees and costs for experts and appraisers who must figure out how to divide up the largest tranche of personal assets in the world.

Privacy is paramount in cases dealing with prominent figures and celebrities such as the Bezoses. Millions are chomping at the bit to hear about what they have, how it will be divided, and whether the fight will get ugly. In fact, this blog relies on the assumption that those of you reading this have at least some interest as to their personal lives and the theater of their divorce.

For this reason, it is very unlikely that the Bezos divorce ever sees a courtroom. It’s all but guaranteed that the divorce will be resolved through a private negotiated settlement, mediation or a private arbitration, or some combination all held behind closed doors with gag orders and strict confidentiality.

Lastly for this article, Jeff Bezos’ majority stakeholder status at Amazon brings about its own challenges, as would any high net worth divorcee with controlling interest in a business enterprise. Since the vast majority of Bezos’ wealth is tied up in his ownership stake in Amazon, which he started after marrying his wife, providing for equitable distribution may need to become creative.

Jeff and Mackenzie Bezos are based in the state of Washington, which is a community property state. This means that each spouse equally owns all of the assets either party has acquired over the course of their marriage, including their corporate shares. This differs from equitable distribution states like New Jersey, where division of the assets and debts of spouses are determined by a host of statutory factors meant for a fair allocation, which may not be an equal allocation.

Jeff Bezos, according to Forbes, owns 16% of Amazon, by far the largest shareholder. With major stockholders in a divorce, you want to be sure to effectuate division of the assets in such a way that does not divest control from that shareholder. For example, in the Bezos case, Mackenzie may be entitled to 50% of the total shares (remember, they live in a community property state where 50/50 splits are the presumption).

However, if 50% of Jeff Bezos’ shares are conveyed to Mackenzie and she liquidates a portion, shareholder control of Amazon could be significantly affected and the Bezos may lose their controlling stake. This could stagnate the family fortune which would benefit the Bezos’ children and legacy, which is unlikely to be MacKenzie’s goal or desire.

Instead, what is more likely is that Mackenzie will get “constructive ownership” of 50% of the shares, with Jeff retaining control of the business enterprise. Mackenzie will get the dividends from her portion of the shares and if there is a liquidity event, she might get bought out, but there would not likely be an actual transfer that would divest the family of control of Amazon.

There also may be a division based on exchanging values, meaning that perhaps an agreement is made wherein Mackenzie receives a much larger share or the entirety of other assets that would equal the value of her potential portion of her 50% right to the Amazon shares. However, this option appears to be less likely given that the majority of the Bezos net worth is tied to their Amazon holdings. Depending on how diversified they are, perhaps Jeff can convey more of some other assets and less of Amazon.

Time will tell whether we will ever know the result of the Bezos divorce, but we can be assured that the world will be watching to see what we can in regard to the world’s highest net worth divorce on record.

 

COPYRIGHT © 2019, Stark & Stark.
This post was written by Louis M. Ragone of Stark & Stark.

Have you ever used a one-click ordering process online? Then you indirectly paid Amazon.

If you purchased anything from a website using a one-click purchase button, you indirectly paid Amazon for that ability, at least up until September 11, 2017 when Amazon’s patent to this technology expired. As a result, one-click purchasing might become the new norm.

In 1997, Amazon filed for a business method patent to one-click purchasing, which allows return shoppers to purchase items with just a single click of a button instead of having to proceed through a prolonged checkout process. The patent issued in 1999, at which point Amazon sued Barnes & Noble for patent infringement based on a similar technology used during Barnes & Noble’s checkout process. After extended litigation, the two companies settled in 2002. Not wanting to face similar litigation, Apple licensed the patent in 2000 to simplify ordering from the Apple Store.

The patent was extremely contentious, causing multiple calls to tighten patent laws or eliminate business method patents entirely. In response to the numerous attacks on the patent, Jeff Bezos called on the US Patent and Trademark Office to reduce the lifespan of patents to only 3 to 5 years, which prompted the US Patent and Trademark Office to issue an action plan to work with e-commerce companies to strengthen issued business method patents. But despite facing numerous challenges over the years, the patent survived. Thus if you have ordered anything online using a one-click purchase process, that company likely paid a licensing fee to Amazon to be able to provide that option.

Since the patent is now expired, one-click purchasing is now open to every online retailer. Large technology companies, such as Apple, Facebook, and Microsoft, are developing standardized one-click checkout procedures that can be applied internet-wide and that follow you from website to website. Google is likewise developing technology to incorporate one-click purchasing into its internet browser, Chrome.

 

©1994-2018 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. 

Navigating Amazon: “On-Demand” Worker and World of Ultra Fast Delivery

amazon on demand workerOn March 22, 2017, Amazon unveiled its Prime Now” one-hour delivery service in Milwaukee, Wisconsin which brought the total number of cities where the service is available to over thirty. The Prime Now service provides the speed and convenience that many online consumers now expect. In meeting the growing consumer demand for speed and convenience, Amazon has adopted the “on-demand” workforce model similar to the one used by Uber Technologies and Lyft. The on-demand workforce concept is still somewhat in its infancy and is certainly not without its faults. It is (and will continue to be) the focus of increased regulatory scrutiny and a platform for potential suits from workers who may feel they are being exploited.

Labor Laws and the “On Demand Worker”

Amazon originally relied on third-party companies to handle its ultra-fast delivery service but began hiring “on-demand” drivers directly through its Amazon Flex program in September of 2016. There are a number of potential advantages of the “on-demand” workforce. For example, it helps the company reduce labor costs by classifying the drivers as independent contractors thereby providing flexible work arrangements and allowing the company to reduce its employment costs through opting out of local minimum wage and overtime laws. Using an on-demand workforce also allows the company to adjust the size of its workforce based on demand. However, the model also carries many risks. Namely, the risk of lawsuits from workers who claim worker’s compensation, unemployment benefits or other employee benefits. The relationship could also be subject to scrutiny by the Internal Revenue Service or state taxing authorities. These are risks that retailers will need to carefully analyze and consider before implementing the on-demand workforce concept.

The Drones Are Coming

One possible solution to the workforce issues that has garnered mass media attention is Amazon’s stated goal of using drones to deliver its products and packages in a half hour or less. The timetable for drone implementation has not been set but the use of drones purport to solve many of the labor law issues that continue to challenge the “on-demand” workforce model. However, the use of drones does require the review and analysis of myriad legal and regulatory issues. The legal issues requiring consideration include compliance with any applicable Federal Aviation Administration regulations which have gone into effect regarding drones. Some of these regulations appear to limit some of the potential to scale the use of drones. Retailers utilizing drones will also need to consider the labyrinth of local and state law and regulations that may be adopted.

As a leader in the world of hyper fast delivery, Amazon has already tested its competitors’ ability to adapt and so far Amazon has outperformed its competition in this space. The world of traditional brick and mortar will need to keep pace by more efficiently managing their retail operations and discovering innovative ways to deliver their products to assure customer satisfaction. To accomplish this, there are many leasing, distribution and economic factors which need to be properly considered and documented,

©2017 von Briesen & Roper, s.c.