Category: Administrative & Regulatory

EPA’s Stormwater General Permit is Safe. Does it Matter?

A Colorado-based NGO has dropped its 9th Circuit lawsuit challenging EPA’s Multi-Sector General Permit for stormwater discharges associated with industrial facilities.

On one hand, this is a victory for EPA which apparently offered nothing to settle the case before the NGO threw up its hands.

On the other hand, the General Permit is only applicable in Massachusetts, New Hampshire and New Mexico, the three states that have not been delegated the authority to issue such a permit (as well as tribal lands and other lands not subject to state jurisdiction).

Why did the NGO bring this suit to begin with?  Did it hope that the Biden Administration EPA would, when push came to shove, do something dramatically different than the Trump Administration EPA?

Whatever the reason, the NGO has apparently concluded that the current law and permit give it plenty of grounds to bring suits over stormwater discharges in the 9th Circuit and elsewhere.  There are already several such imaginative suits pending on the west coast.

Are the regulators in Massachusetts less able to issue and enforce stormwater permits than than their colleagues in 47 other states?  The answer is of course not.  They are completely able and more able than most.  And they already have authority under state laws and regulations that are broader in their reach than the federal law.

But the Massachusetts legislature has stood in the way, apparently because it doesn’t want to bear the costs of regulating in this area borne by 47 other states.  Uncertainty and the threat, if not the actuality, of litigation has been the unfortunate result of this dereliction for the regulated community, including the municipalities in which we live.

We deserve better.

The Center for Biological Diversity (CBD) is dropping its legal challenge to EPA’s industrial stormwater general permit that sought stricter regulation of plastics pollution after settlement discussions were unfruitful, according to an attorney familiar with the litigation.

Article By Jeffrey R. Porter of Mintz

For more environmental legal news, click here to visit the National Law Review.

©1994-2021 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.

Patch Up – Log4j and How to Avoid a Cybercrime Christmas

A vulnerability so dangerous that Cybersecurity and Infrastructure (CISA) Director Jen Easterly called it “one of the most serious [she’s] seen in [her] entire career, if not the most serious” arrived just in time for the holidays. On December 10, 2021, CISA and the director of cybersecurity at the National Security Agency (NSA) began alerting the public of a critical vulnerability within the Apache Log4j Java logging framework. Civilian government agencies have been instructed to mitigate against the vulnerability by Christmas Eve, and companies should follow suit.

The Log4j vulnerability allows threat actors to remotely execute code both on-premises and within cloud-based application servers, thereby obtaining control of the impacted servers. CISA expects the vulnerability to affect hundreds of millions of devices. This is a widespread critical vulnerability and companies should quickly assess whether, and to what extent, they or their service providers are using Log4j.

Immediate Recommendations

  • Immediately upgrade all versions of Apache Log4j to 2.15.0.
  • Ask your service providers whether their products or environment use Log4j, and if so, whether they have patched to the latest version. Helpfully, CISA sponsors a community-sourced GitHub repository with a list of software related to the vulnerability as a reference guide.
  • Confirm your security operations are monitoring internet-facing systems for indicators of compromise.
  • Review your incident response plan and ensure all response team information is up to date.
  • If your company is involved in an acquisition, discuss the security steps taken within the target company to address the Log4j vulnerability.

The versatility of this vulnerability has already attracted the attention of malicious nation-state actors. For example, government-affiliated cybercriminals in Iran and China have a “wish list” (no holiday pun intended) of entities that they are aggressively targeting with the Log4j vulnerability. Due to this malicious nation-state activity, if your company experiences a ransomware attack related to the Log4j vulnerability, it is particularly important to pay attention to potential sanctions-related issues.

Companies with additional questions about the Log4j vulnerability and its potential impact on technical threats and potential regulatory scrutiny or commercial liability are encouraged to contact counsel.

Article By Philip J. Bezanson, Brittney E. Justice, Claire E. Cahoon, and Seth D. DuCharme of Bracewell LLP

For more cybersecurity legal news, click here to visit the National Law Review.

© 2021 Bracewell LLP

Current Pandemic-Related Regulations for Business Travel to the United States, Germany, and the EU

Recently, due to the availability of COVID-19 vaccines, many countries decided to lift their entry restrictions or change them in such a way that travelers who had recovered from COVID-19 infections or been vaccinated were allowed entry. Here is an overview of some of the current entry requirements for international travel.

Entry Into the United States

Since November 8, 2021, individuals have been allowed to enter the United States again from Europe. For 20 months, an entry ban had been in place in the United States for travelers from Brazil, China, India, Iran, Ireland, the Schengen Area (26 countries), South Africa, and the United Kingdom. A proclamation issued by President Joe Biden on October 25, 2021—“A Proclamation on Advancing the Safe Resumption of Global Travel During the COVID-⁠19 Pandemic”—ended these entry restrictions and the need for national interest exceptions (NIE) to the restrictions. Travelers from most countries (a recent U.S. ban on travel from eight African countries took effect on November 29, 2021) may enter the United States if they are fully vaccinated and present negative coronavirus test results (via RT-PCR tests or antigen tests) that are no more than three days old at the time of departure.

Travelers must prove to their airlines that they have been fully vaccinated with internationally recognized vaccines prior to their departures. Currently, the United States recognizes vaccines the Pfizer-BioNTech, Oxford-AstraZeneca, Oxford-AstraZeneca/Covishield, Covaxin, Moderna, Johnson & Johnson/Janssen, BIBP/Sinopharm, and Sinovacvaccines. A traveler’s last vaccination must have taken place at least 14 days before the planned date of travel. The United States accepts the EU Digital COVID Certificate as proof of vaccination.

Exempt groups include persons on diplomatic or governmental foreign travel, children under 18 years of age, and persons who cannot be vaccinated with a COVID-19 vaccine for documented medical reasons. Persons exempt from the October 25, 2021, proclamation’s requirements may enter the United States without being fully vaccinated, but they must quarantine for seven days upon arrival and test for COVID-19 infection three to five days after entry.

Regardless of the COVID-19–related entry requirements, all travelers still need an Electronic System for Travel Authorization (ESTA) entry permit issued by U.S. Customs and Border Protection (CBP). CBP advises travelers to apply online for ESTA authorization at least 72 hours in advance of departure.

Requirements for Entry Into the European Union

The European Union (EU) has a common approach to travel from third countries to EU member states. Entry requirements are constantly being adapted to the pandemic situation as international travel gradually opens up. Currently, in principle, any person from a third country who has been fully vaccinated with a vaccine approved by the European Medicines Agency (EMA) (BioNTech-Pfizer, Moderna, AstraZeneca, and Janssen-Cilag) may enter the European Union. The last vaccination must have taken place at least 14 days before the planned entry.

EU citizens and residents as well as their family members are allowed to enter EU member states without being fully vaccinated. Further exceptions apply to persons for whom absolutely necessary reasons for entry exist. “Absolutely necessary reasons” may exist, among other things, for highly qualified employees from third countries if their labor is necessary from an economic point of view and their work cannot be postponed or carried out abroad.

The EU also maintains a list of countries where the epidemiological situation has improved sufficiently (the so-called “EU White List”), so that entry from these countries is possible regardless of an individual’s vaccination status. This list is constantly updated according to the epidemiological situation. The United States is not currently on the EU White List, so entry from the United States is only possible for fully vaccinated persons.

Each EU member state may set its own additional entry requirements. The EU’s “Re-open EU,” a clearinghouse of information regarding EU member states’ pandemic-related measures, offers an overview of the quarantine and testing requirements of the individual countries.

Requirements for Entry Into Germany

All travelers to Germany from third countries that are not on the EU White List and are not EU citizens or residents must be fully vaccinated. In exceptional cases, entry is possible if it is absolutely necessary.

In addition, all travelers aged 12 or older must provide proof of vaccination. Before crossing the border, proof of vaccination or convalescence, or a test result showing negative for infection (e.g., an antigen test that is no more than 48 hours old or an RT-PCR test that is no more than 72 hours old), must be presented for inspection by the carrier or at the request of the Federal Police.

For previous stays in high-risk or virus-variant areas, digital travel registration is also mandatory. The Robert Koch Institute provides a current list of all high-risk and virus-variant areas.

Nonvaccinated or recovered travelers entering from high-risk areas must also present a negative test upon entry and enter domestic quarantine for 10 days. The domestic quarantine can be ended prematurely if another negative test result is presented five days after entry.

At present, travel from a virus-variant area is not possible, as a travel ban is in force for countries where virus mutations are widespread. Entry is possible only in a few exceptional cases (for example, for German nationals and persons with residence and an existing right of abode in Germany, as well as their immediate family members). Irrespective of vaccination or convalescent status, these travelers are obliged to register their entries digitally, present negative test results upon entry, and go into quarantine for 14 days. Only vaccinated and recovered persons may shorten their quarantine periods by presenting further negative test results five days after entry.

Employer Inquiries Into Employees’ Vaccination and Recovery Status

These extensive regulations raise a question as to whether an employer may inquire into an employee’s vaccination status, or whether the employee has recovered from a COVID-19 infection in connection with an upcoming business trip.

The vaccination and/or convalescence status of an employee, under 9 (1) of the EU’s General Data Protection Regulation (GDPR), is considered health data and thus protected personal information according to Art. An employer may request and process this information only if there is a legal basis for doing so. If a business trip requires proof of an employee’s vaccination against COVID-19 (e.g., due to entry restrictions), an employer may request and process this information from the employee in individual cases. However, employers may only request the information in the context of specific business trips and are prohibited from retaining the information for any other purposes.”

The COVID-19–related entry regulations of many countries may largely determine the feasibility of a contemplated business trip, as the prospect for international business travel will likely depend on the vaccination status of the employees involved. This situation may result in a legitimate interest on the part of the employer to inquire into employee vaccination status because the employer would otherwise be unable to find out whether a particular employee met the entry requirements of the destination country. Only by inquiring into vaccination status can the employer ensure that the employee is not turned away at the border—i.e., that the employee can fulfill the duty to provide the contractually agreed upon work within the scope of the business trip.

Whether an employer’s query regarding an employee’s vaccination status is legitimate is therefore a case- and fact-specific inquiry, which depends above all on the entry regulations of the destination country. If the destination country requires complete vaccination for entry, it may be permissible from a data protection perspective to ask about an employee’s vaccination status.

Article By Cynthia Lange of Ogletree, Deakins, Nash, Smoak & Stewart, P.C.

For more COVID-19 and travel-related legal news, click here to visit the National Law Review.

© 2021, Ogletree, Deakins, Nash, Smoak & Stewart, P.C., All Rights Reserved.

CFPB Solicits Whistleblowers to Strengthen Enforcement of Consumer Financial Protection Laws

In its revamped whistleblower webpage, the CFPB is enlisting the help of whistleblowers to provide tips about the following issues:

  • Any discrimination related to consumer financial products or services or small businesses
  • Any use of artificial intelligence/machine learning models that is based on flawed or incomplete data sets, that uses proxies for race, gender, or other group characteristics, or that impacts particular groups or classes of people more than others;
  • Misleading or deceptive advertising of consumer financial products or services, including mortgages
  • Failure to collect, maintain, and report accurate mortgage loan application and origination data
  • Failure to provide or use accurate consumer reporting information
  • Failure to review mortgage borrowers’ loss mitigation applications in a timely manner
  • Any unfair, deceptive, or abusive act or practice with respect to any consumer financial product or service.

The CFPB has also announced that it seeks tips to help it combat the role of Artificial Intelligence in enabling intentional and unintentional discrimination in decision-making systems.  For example, a recent study of algorithmic mortgage underwriting revealed that Black and Hispanic families have been more likely to be denied a mortgage compared to similarly situated white families.

Proposed CFPB Whistleblower Reward Program

Currently, there is no whistleblower reward program at the CFPB and sanctions collected in CFPB enforcement actions do not qualify for SEC related action whistleblower awards.  In light of the success of the SEC’s Whistleblower Program as an effective tool to protect investors and strengthen capital markets, the CFPB requested that Congress establish a rewards program to strengthen the CFPB’s enforcement of consumer financial protection laws.

In September 2021, Senator Catherine Cortez Masto introduced the Financial Compensation for Consumer Financial Protection Bureau Whistleblowers Act (S. 2775), which would establish a whistleblowers rewards program at the CFPB similar to the SEC Whistleblower Program.  It would authorize the CFPB to reward whistleblowers between 10% to 30% of collected monetary sanctions in a successful enforcement action where the penalty exceeds $1 million.  And in cases involving monetary penalties of less than $1 million, the CFPB would be able to award any single whistleblower 10% of the amount collected or $50,000, whichever is greater.

The Financial Compensation for CFPB Whistleblowers Act is cosponsored by Chairman of the Senate Banking, Housing, and Urban Affairs Committee Senator Sherrod Brown and Senators Dick Durbin, Elizabeth Warren, Jeff Merkley, Richard Blumenthal, and Tina Smith. In the House, Representative Al Green introduced a companion bill (H.R. 5484).

A whistleblower reward program at the CFPB could significantly augment enforcement of consumer financial protection laws, including laws barring unfair, deceptive, or abusive acts and practices.  The CFPB has authority over a broad array of consumer financial products and services, including mortgages, deposit taking, credit cards, loan servicing, check guaranteeing, collection of consumer report data, debt collection associated with consumer financial products and services, real estate settlement, money transmitting, and financial data processing.  In addition, the CFPB is the primary consumer compliance supervisory, enforcement, and rulemaking authority over depository institutions with more than $10 billion in assets.

Hopefully, Congress will act swiftly to enact the Financial Compensation for CFPB Whistleblowers Act.

Protection for CFPB Whistleblowers

Although Congress did not establish a whistleblower reward program when it created the CFPB, it included a strong whistleblower protection provision in the Consumer Financial Protection Act of 2010 (CFPA).  The anti-retaliation provision of the Consumer Financial Protection Act provides a cause of action for corporate whistleblowers who suffer retaliation for raising concerns about potential violations of rules or regulations of the CFPC.

Workers Protected by the CFPA Anti-Retaliation Law

The term “covered employee” means “any individual performing tasks related to the offering or provision of a consumer financial product or service.”  The CFPA defines a “consumer financial product or service” to include “a wide variety of financial products or services offered or provided for use by consumers primarily for personal, family, or household purposes, and certain financial products or services that are delivered, offered, or provided in connection with a consumer financial product or service . . . Examples of these include . .. residential mortgage origination, lending, brokerage and servicing, and related products and services such as mortgage loan modification and foreclosure relief; student loans; payday loans; and other financial services such as debt collection, credit reporting, credit cards and related activities, money transmitting, check cashing and related activities, prepaid cards, and debt relief services.”

Scope of Protected Whistleblowing About Consumer Financial Protection Violations

The CFPA protects disclosures made to an employer, to the CFPB or any State, local, or Federal, government authority or law enforcement agency concerning any act or omission that the employee reasonably believes to be a violation of any CFPB regulation or any other consumer financial protection law that the Bureau enforces. This includes several federal laws regulating “unfair, deceptive, or abusive practices . . . related to the provision of consumer financial products or services.”

Some of the matters the CFPB regulates include:

  • kickbacks paid to mortgage issuers or insurers;
  • deceptive advertising;
  • discriminatory lending practices, including a violation of the Equal Credit Opportunity Act (“ECOA”);
  • excessive fees;
  • any false, deceptive, or misleading representation or means in connection with the collection of any debt; and
  • debt collection activities that violate the Fair Debt Collection Practices Act (FDCPA).

Some of the consumer financial protection laws that the CFPB enforces include:

  • Real Estate Settlement Procedures Act;
  • Home Mortgage Disclosure Act;
  • Equal Credit Opportunity Act;
  • Truth in Lending Act;
  • Truth in Savings Act;
  • Fair Credit Billing Act;
  • Fair Credit Reporting Act;
  • Electronic Fund Transfer Act;
  • Consumer Leasing Act;
  • Fair Debt Collection Practices Act;
  • Home Owners Protection Act; and
  • Secure and Fair Enforcement for Mortgage Licensing Act

Reasonable Belief Standard in Banking Whistleblower Retaliation Cases

The CFPA whistleblower protection law employs a reasonable belief standard.  As long as the plaintiff’s belief is reasonable, the whistleblower is protected, even if the whistleblower makes a mistake of law or fact about the underlying violation of a law or regulation under the CFPB’s jurisdiction.

Prohibited Retaliation

The CFPA anti-retaliation law proscribes a broad range of adverse employment actions, including terminating, “intimidating, threatening, restraining, coercing, blacklisting or disciplining, any covered employee or any authorized representative of covered employees” because of the employee’s protected whistleblowing.

Proving CFPA Whistleblower Retaliation

To prevail in a CFPA whistleblower retaliation claim, the whistleblower need only prove that his or her protected conduct was a contributing factor in the adverse employment action, i.e., that the protected activity, alone or in combination with other factors, affected in some way the outcome of the employer’s decision.

Where the employer takes the adverse employment action “shortly after” learning about the protected activity, courts may infer a causal connection between the two.  Van Asdale v. Int’l Game Tech., 577 F.3d 989, 1001 (9th Cir. 2009).

Filing a CFPA Financial Whistleblower Retaliation Claim

CFPA complaints are filed with OSHA, and the statute of limitations is 180 days from the date when the alleged violation occurs, which is the date on which the retaliatory decision has been both made and communicated to the whistleblower.

The complaint need not be in any particular form and can be filed orally with OSHA. A CFPA complaint need not meet the stringent pleading requirements that apply in federal court, and instead the administrative complaint “simply alerts OSHA to the existence of the alleged retaliation and the complainant’s desire that OSHA investigate the complaint.” If the complaint alleges each element of a CFPA whistleblower retaliation claim and the employer does not show by clear and convincing that it would have taken the same action in the absence of the alleged protected activity, OSHA will conduct an investigation.

OSHA investigates CFPA complaints to determine whether there is reasonable cause to believe that protected activity was a contributing factor in the alleged adverse action.  If OSHA finds a violation, it can order reinstatement of the whistleblower and other relief.

Article By Jason Zuckerman of Zuckerman Law

For more financial legal news, click here to visit the National Law Review.

© 2021 Zuckerman Law

Biden Administration Issues New Government-Wide Anti-Corruption Strategy

On Dec. 7, 2021, the White House published a government-wide policy document entitled “United States Strategy on Countering Corruption” (“Strategy”). The Strategy implements President Biden’s National Security Memorandum from earlier in 2021, which declared international corruption a threat to U.S. national security.

The Strategy is notable for several reasons:

First, the Strategy focuses not just on the “supply side” of foreign bribery and corruption—that is, companies acting in violation of the Foreign Corrupt Practices Act (FCPA)—but also on the “demand side” of the equation, namely corrupt foreign officials and those who assist them. It promises to pair vigorous enforcement of the FCPA with efforts to hold corrupt leaders themselves accountable, via U.S. money laundering laws, economic sanctions, and visa restrictions.

Second, the Strategy specifically calls out the role of illicit finance in facilitating and perpetuating foreign corruption, promising “aggressive enforcement” against those who facilitate the laundering of corrupt proceeds through the U.S. economy. Professional gatekeepers such as lawyers, accountants, and trust and company service providers are specifically identified as targets of future scrutiny. The Strategy also promises to institute legislative and regulatory changes to address anti-money laundering (AML) vulnerabilities in the U.S. financial system. These promised changes include:

  • Finalizing beneficial ownership regulations, and building a national database of beneficial owners, as mandated by the Anti-Money Laundering Act of 2020.

  • Promulgating regulations designed to reveal when real estate is used to hide ill-gotten gains. Contemporaneously with the White House’s issuance of the Strategy, the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued an Advance Notice of Proposed Rulemaking (ANPRM), inviting public comment on its plan to apply additional scrutiny to all-cash real estate transactions.

  • Prescribing minimum reporting standards for investment advisors and other types of equity funds, which are currently not subject to same AML program requirements as other financial institutions.

Third, the Strategy calls for a coordinated, government-wide response to corruption, and it contemplates a role not only for law enforcement and regulatory agencies but also for agencies such as the Department of State and Department of Commerce, which is to establish its own new anti-corruption task force. It remains to be seen if the increased scope of anti-corruption efforts called for by the Strategy will result in new or additional penalties for persons and entities perceived as corrupt or as facilitating corruption, but the Strategy may place an additional premium on corporate anti-corruption compliance.

Individuals and entities operating in sectors traditionally associated with corruption and/or AML risk should consider taking the following steps in response to the Strategy. These considerations apply not only to U.S. persons and businesses but also to anyone who may fall within the broad purview of the FCPA, U.S. money laundering statutes, and other laws with extraterritorial reach:

  • Increase due diligence for any pending or future transactions in jurisdictions where potentially corrupt actors or their designees play a role in awarding government contracts. Ensure any payments are the result of arms-length transactions based on legitimate financial arrangements.

  • Professional gatekeepers should become familiar with the particular risks associated with the industries in which they operate. While AMLA made it clear that lawyers, accountants, and real estate professionals will come under increased scrutiny based on the risk profile of their clients, the Strategy increases the likelihood that law enforcement will devote additional resources in this sometimes-overlooked area.

  • Given the increased role the State Department will continue to play in the anticorruption space based on the National Defense Authorization Act and the Strategy, companies doing business in or with countries vital to U.S. foreign policy goals should remember that in addition to the individual leaders of these countries, government institutions and lower-level officials could create risk and will be closely watched. Though the U.S. government often talks about specific government officials, the Strategy appears to take a broader approach.

  • Businesses should continue to examine and reexamine third-party risk with an emphasis on preventing potential problems before they occur. Additional resources and increased cooperation between and among government agencies may lead to additional investigations and enforcement actions, so compliance programs should be updated where necessary.

Article By Kyle R. Freeny and Benjamin G. Greenberg of Greenberg Traurig, LLP

For more white collar crime and consumer rights legal news, click here to visit the National Law Review.

©2021 Greenberg Traurig, LLP. All rights reserved.

Federal Judge Blocks Contractor Vaccine Mandate Nationwide

On December 7, 2021, a federal judge issued a nationwide preliminary injunction halting enforcement of the federal contractor and subcontractor vaccine mandate requirements issued by the Safer Federal Workforce Task Force in response to President Biden’s Executive Order 14042, Ensuring Adequate COVID Safety Protocols for Federal Contractors.  The mandate requires covered contractor employees to be fully vaccinated by January 18, 2022.  On November 30, a federal judge in Kentucky blocked enforcement of the mandate in Kentucky, Ohio, and Tennessee.  We blogged about that decision here.

Judge R. Stan Baker’s decision came in a case originally filed by Georgia, Alabama, Idaho, Kansas, South Carolina, Utah, and West Virginia, the governors of several of those states, and various state agencies, including the Board of Regents of the University System of Georgia.  Later, the Associate Builders and Contractors, Inc. (“ABC”), a trade organization, and one of its chapters in Georgia filed a Motion to Intervene along with their own Motion for Preliminary Injunction.  Judge Baker denied the Motion to Intervene as to the local chapter, but granted the Motion to Intervene as to ABC.  As discussed below, the Judge then found that the inclusion of this additional plaintiff warranted issuing a nationwide injunction (as opposed to the Kentucky judge’s more limited Order).

As in the Kentucky case, Judge Baker found the Plaintiffs would likely be able to show that the mandate exceeds the President’s powers under the Federal Property and Administrative Services Act.  He declined to issue a decision as to whether the mandate likely violated the constitutional non-delegation doctrine or infringed on rights reserved to the states under the Tenth Amendment.

As to why the Court here issued a nationwide injunction, Judge Baker cited the inclusion of ABC, contending that the trade association had members “all over the country” and were awarded “57% of federal contracts exceeding $25 million during fiscal years 2009-2020.”  His injunction does not appear to apply to other aspects of the contractor COVID-19 requirements issued by the Task Force, including those related to masking and social distancing.

It is unclear whether the federal government will seek to have the injunction lifted, and whether such an effort will be successful.  But, effective immediately, covered contractors in any state or territory of the United States of America are no longer mandated to require their covered workers to be vaccinated.

© 2021 Proskauer Rose LLP.

Article By Guy Brenner and Jacob P. Tucker of Proskauer Rose LLP

For more articles on vaccines, visit the NLR Coronavirus News section.

NYC Announces Private-Sector Vaccine Mandate

On December 6, 2021, outgoing New York City Mayor Bill de Blasio announced major expansions to New York’s “Key to NYC” program, which was implemented through Emergency Executive Order 225 and became effective on August 17, 2021. The mayor also announced a first-in-the-nation vaccination mandate for private-sector workers in New York City, which is set to take effect on December 27, 2021. Additional guidance on these expansive mandates is expected on December 15, 2021.

Private-Sector Vaccine Mandate

The mayor has announced that New York City will implement a “first-in-the-nation,” vaccine mandate for private-sector workers. The mandate is currently set to take effect on December 27, 2021. The mayor estimates that approximately 184,000 businesses would be affected. A spokesperson for Mayor-elect Eric Adams, who is due to take office on January 1, 2022, just days after the mandate is set to take effect, has indicated that the mayor-elect will evaluate the mandate when he takes office and will “make determinations based on science, efficacy and the advice of health professionals.”

Key to NYC Expanded

Under the existing Key to NYC program, staff and patrons who enter certain types of indoor entertainment, recreation, dining, and fitness establishments are required to have received at least one dose of a COVID-19 vaccine. Previously, children under the age of 12, along with certain other individuals were exempt from showing proof of vaccination.

Beginning on December 14, 2021, children ages 5-11 will be required to show proof of at least one dose of the COVID-19 vaccine in order to enter the covered establishments mentioned above. While individuals were previously only required to show proof of one dose of the vaccine, beginning on December 27, individuals in New York City over the age of 12 will now be required to show proof of two doses of the vaccine.

High-Risk Extracurricular Activities

The mayor also announced that vaccinations would be required for children ages 5-11 if they wish to participate in “high-risk extracurricular activities.” These activities are currently defined as “sports, band, orchestra, and dance.” Children in this age group will be required to have the initial vaccine dose by December 14, 2021.

Key Takeaways

Employers in New York City may wish to review the above requirements to ensure that their practices comply with the obligations articulated in the anticipated mandates. Employers may also want to stay updated as the Key to NYC and the private-sector vaccine mandate continues to evolve.

Article By Kelly M. Cardin and Jessica R. Schild of Ogletree, Deakins, Nash, Smoak & Stewart, P.C.

For more labor and employment legal news, click here to visit the National Law Review.

© 2021, Ogletree, Deakins, Nash, Smoak & Stewart, P.C., All Rights Reserved.

What We Know And Don’t About The Federal Court Order Enjoining EO 14042

In news that will be of interest to every federal contractor, including large and small businesses, universities, banks, and the health care industry, Executive Order 14042 (along with the related Task Force Guidance and contract clauses) has been ENJOINED in the states of Kentucky, Ohio, and Tennessee. U.S. District Court Judge Gregory F. Van Tatenhove of the Eastern District of Kentucky issued an order on November 30, 2021 granting Plaintiffs’ (a group including the states of Tennessee, Kentucky, and Ohio) motion for a preliminary injunction.

The decision most certainly will be appealed. In the meantime, contractors with employees performing in Kentucky, Ohio, or Tennessee are not required to comply with the Executive Order or FAR/DFARS clauses. Obviously, this creates a conundrum for federal contractors and subcontractors looking for a uniform way to implement the EO rules.

Background

Plaintiffs Kentucky, Ohio, and Tennessee filed suit in the U.S. District Court for the Eastern District of Kentucky on November 4, 2021, and four days later filed for a Temporary Restraining Order and Preliminary Injunction (“TRO/PI”). The TRO/PI motion asked the Court to enjoin the Government’s enforcement of EO 14042. Plaintiffs challenged the EO on 10 separate grounds, including that it violated the Federal Property and Administrative Services Act (“FPASA”), the Competition in Contracting Act (“CICA”), the Administrative Procedures Act (“APA”), and the U.S. Constitution. The Court held a conference among the parties on November 9 and a hearing on November 18.

The District Court Decision

Regardless of whether one likes the outcome or not, Judge Van Tatenhove’s decision is thoughtfully reasoned and well written. It is methodical and well cited. In sum, Judge Van Tatenhove enjoined the EO not because of the process by which the Administration implemented the mandate (i.e. not due to the lack of a meaningful notice-and-comment period or the unprecedented dynamic nature of the FAR clause), but rather because he found the Administration never had the authority to implement a vaccine mandate in the first place. In other words, the Court issued the injunction because the President of the United States purportedly lacks the statutory or constitutional authority to regulate public health via a contract clause issued pursuant to a procurement statute.

The decision, however, readily concedes that the Court’s view is the beginning, not the end, of the story. “Once again,” the Judge explained, “the Court is asked to wrestle with important constitutional values implicated in the midst of a pandemic that lingers. These questions will not be finally resolved in the shadows. Instead, the consideration will continue with the benefit of full briefing and appellate review. But right now, the enforcement of the contract provisions in this case must be paused.”

The Practical Impact (and Scope) of Kentucky v. Biden

While the Court’s decision is significant, it does NOT apply to all federal contractors. It enjoins the Government “from enforcing the vaccine mandate for federal contractors and subcontractors in all covered contracts in Kentucky, Ohio, and Tennessee.” Sadly, Judge Van Tatenhove does not explain this sentence. Does he mean to enjoin all federal contracts performed in those states, all federal contracts held by contractors operating in those states, or maybe even all federal contracts issued by agencies based in those states? It’s unclear. Adding to the confusion is his statement that the injunction “is properly limited to the parties before the Court” (i.e., the states of Kentucky, Tennessee, Ohio). Here again, we are left to guess what he means.

Subsequent to the Court’s decision, GSA took prompt steps to notify its contractors of the late breaking news. Here is GSA’s take on the scope of the injunction:

Update: On November 30, 2021, in response to a lawsuit filed in the United States District Court, Eastern District of Kentucky, a preliminary injunction was issued halting the Federal Government from enforcing the vaccine mandate for Federal contractors and subcontractors in all covered contracts in Kentucky, Ohio, and Tennessee.

GSA implemented the vaccine mandate stemming from Executive Order 14042 through Class Deviation CD-2021-13. Pursuant to the preliminary injunction, GSA will not take any action to enforce FAR clause 52.223-99 Ensuring Adequate COVID-19 Safety Protocols for Federal Contractors in all covered contracts or contract-like instruments being performed, in whole or in part, in Kentucky, Ohio and Tennessee.

While GSA’s formulation is a bit more useful than the Court’s in that it focuses on contracts “being performed . . . in” the three states, it still does not answer the key question regarding scope.

We think the most common sense interpretation of the scope of the injunction is that it applies to covered employees performing work in Kentucky, Tennessee, and Ohio. That being said, GSA’s interpretation seems to indicate the analysis should be performed at the contract level, rather than the employee level (i.e., if you have even one employee performing on a contract in one of those three states, then the entire contract is exempt from enforcement).

We hope to receive updated Guidance from the Task Force providing a definitive answer to this question in the near future. Until then, Federal contractors and subcontractors are stuck between the proverbial rock and a hard place – having to decide whether to continue marching ahead pursuant to the EO or navigate different rules in different states.

In reaching their own interpretive decision, contractors should keep in mind that the Court order does not prohibit compliance with the EO, it simply enjoins the Government from enforcing the EO. Before a contractor decides to continue rolling out its existing compliance approach as planned, however, it would be well advised to consider this: Now that the EO has been enjoined in Kentucky, Ohio, and Tennessee, one can make a credible (and likely correct) argument the EO requirements are no longer mandatory in those states (both vaccination and making/distancing). This transition from a mandatory to a voluntary rule creates at least two new hurdles for contractors.

  • First, continuing to comply with the FAR/DFARS clauses could create state liability where a state has a law against a vaccine mandate. For example, on November 12, 2021 Tennessee passed TN HB 9077/SB 9014, which prohibits private businesses, governmental entities, schools, and local education agencies from compelling an individual, or from taking adverse action against the individual to compel them, to provide proof of vaccination. Previously, the Executive Order, as a federal law, would have trumped the conflicting state law. Now, however, the unenforceable EO no longer reigns supreme. Accordingly, continuing to impose the EO on a Tennessee workforce creates state risk.
  • Second, continuing to comply with the FAR/DFARS clauses in Tennessee, Kentucky, or Ohio could create problems with a company’s collective bargaining obligations. When the vaccine requirement was a legal obligation, it probably was not required to be collectively bargained. Now that the requirement is no longer a legal obligation (at least in the three states covered by the Court order), imposing a vaccine mandate on union employees may have to be collectively bargained.

Accordingly, while marching ahead with an existing EO 14042 company-wide compliance plan may make great sense from an efficiency and consistency standpoint, it could create unintended risks in at least three states (and certainly in Tennessee).

What Should Contractors Do Now?

The EO 14042 COVID safety contracting landscape (like COVID itself) is changing every day. We are hopeful the Task Force will issue new Guidance soon to help contractors navigate the new hurdles created by the Kentucky decision. Until then, here are a few thoughts for consideration:

  • If you have no employees performing in Kentucky, Ohio, or Tennessee, the Order has no impact on you. The EO still applies to your contracts in other states just as it did prior to the Court’s decision.
  • If you have employees performing in Tennessee, take a close look at TN HB 9077/SB 9014 before making any decision regarding implementation of the EO.
  • If you have employees performing in Kentucky or Ohio and do not have collective bargaining agreements, you may want to continue enforcing the EO to avoid having different rules in different locations. But if you have collective bargaining agreements, make sure you connect with your L&E lawyer before charting a path forward.
  • Consider putting together a communication to your employees who no doubt soon will read a headline and have questions about the Order.
  • For contractors with employees performing in Kentucky, Tennessee, or Ohio, update your current compliance plan.
  • In the absence of further Task Force Guidance, consider staying in close communication with your contracting officer regarding your implementation approach, especially in the three states implicated by the Order.

Additionally, stay on the lookout for additional updates (including from us) on the other pending litigation challenging the EO.

What’s Next?

Speaking of the “other pending litigation,” the docket still is full of challenges to the EO. By our count, there are motions for preliminary injunction pending in cases with 24 additional states as plaintiffs:

 

 

 

 

 

 

 

The judges in these cases are not bound by the Kentucky decision – either on the merits or the scope of any resulting injunction. Meaning, should a judge in one of the remaining cases also strike the EO as contrary to law or the Constitution, that judge could choose to issue a nationwide injunction covering all contractors in all states (or, as the Kentucky judge chose, limit the application to the specific state(s) involved). Only time will tell. As of the publication of this Alert, three of those cases have hearings scheduled for December 3, 6, and 7. We expect decisions shortly thereafter.

Importantly, as the Kentucky decision explicitly recognizes, it’s unlikely any of these district courts will be the final arbiter of the legality of EO 14042. We think it’s only a matter of time until we get the rarely seen, yet always celebrated Supreme Court government contracts decision. Stay tuned.

For Those Wanting A Bit More Detail . . .

For those interested in the details of the Kentucky decision, here is a brief summary:

After analyzing and concluding that the plaintiffs had standing to pursue this matter on behalf of their agencies and businesses operating in their states (a contrary outcome to the U.S. District Court’s recent decision in Mississippi), Judge Van Tatenhove jumped right in to analyzing the myriad arguments raised by Plaintiff. Briefly, here is what he found:

  • FPASA. Plaintiffs argued that the President exceeded his authority under FPASA in issuing the EO. The Court agreed, reasoning that FPASA was intended to give the President procurement powers, not unlimited powers. “FPASA does not provide authority to ‘write a blank check for the President to fill in at his will. . . .” The Court found an insufficiently close nexus between the EO and the need for economy and efficiency in the procurement of goods and services, reasoning that similar logic could authorize a president to outlaw overweight contractor employees since the CDC has concluded that obesity worsens the outcomes of COVID-19. While recognizing the breadth of FPASA and how it historically has been used to promote far-reaching social labor policies (e.g., EO 11246), for this judge at least, the COVID-19 mandate was just a bridge too far.
  • CICA. CICA requires agencies to provide “full and open competition through the use of competitive procedures” in federal procurements. The Court found that the EO violates CICA. According to Judge Van Tatenhove, “contractors who ‘represent the best value to the government’ but choose not to follow the vaccine mandate would be precluded from effectively competing for government contracts.” It seems to us this reasoning does not hold up under close scrutiny. Couldn’t one say the same thing about contractors precluded from contracts where they “choose not to follow” the Trade Agreements Act, Section 889, Executive Order 11246, or any other number of gating procurement rules? In any event, the Court found the argument compelling at least “at this early stage in the litigation.”
  • Non-Delegation Doctrine. The non-delegation doctrine precludes Congress from transferring its legislative power to another branch. Plaintiffs argued that “mandating vaccination for millions of federal contractors and subcontractors is a decision that should be left to Congress (or, more appropriately, the States) and is a public health regulation as opposed to a measure aimed at providing an economical and efficient procurement system.” In evaluating Plaintiffs’ argument, the Court looked to the OSHA rule recently struck down by the Fifth Circuit. “It would be reasonable to assume that a vaccine mandate would be more appropriate in the context of an emergency standard promulgated by OSHA,” Judge Van Tatenhove noted, and then went on to note that even the OSHA ETS was struck down as a violation of the non-delegation doctrine. If the ETS couldn’t withstand a non-delegation challenge, “the Court has serious concerns about the FPASA, which is a procurement statute, being used to promulgate a vaccine mandate for all federal contractors and subcontractors.” The Court acknowledged “that only twice in American history, both in 1935, has the Supreme Court found Congressional delegation excessive.” Nonetheless, Judge Van Tatenhove seems to believe he has found the third. He mused, however, that “it may be useful for appellate courts to further develop the contours of the non-delegation doctrine, particularly in light of the pandemic.”
  • Tenth Amendment. As we all will remember from high school civics (if not from law school), the Tenth Amendment states that “powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.” The Court expressed a “serious concern that Defendants have stepped into an area traditionally reserved to the States,” and held the Tenth Amendment provides an additional reason to enjoin the EO.

In short, Judge Van Tatenhove clearly believes the Plaintiffs, in this case, are likely to prevail on multiple statutory and constitutional bases.

The decision then goes on to discuss whether the President (through his delegated officials) failed to follow applicable administrative procedures in issuing the EO and the subsequent FAR clause. Here, the President fared better than he did with Plaintiffs’ constitutional arguments. The Court concluded that the Administration, while perhaps “inartful and a bit clumsy” at times, “likely followed the procedures required by statute.” The Court also concluded that the Administration did not act arbitrarily or capriciously (as defined by the APA). “The Court finds, based on the limited record at this stage in the litigation, that Defendants have followed the appropriate procedural requirements in promulgating the vaccine mandate.” But this all is little solace to the Administration as it would have been much easier to overcome a procedural error than a constitutional one — let alone the “serious Constitutional concerns” identified by Judge Van Tatenhove.

*Sheppard Mullin partners Jonathan AronieRyan RobertsAnne Perry, and associates Nikki SnyderEmily Theriault, and Dany Alvarado participated in drafting this Alert.

Copyright © 2021, Sheppard Mullin Richter & Hampton LLP.

Article by the Government Contracts Practice Group with Sheppard, Mullin, Richter & Hampton LLP.

For more about federal court orders and federal contractors visit the NLR Government Contracts Maritime & Military Law type of law page.

Sixth Circuit Deals Blow to OSHA’s Proposed Expedited Briefing Schedule, Says it Will Keep ETS Case

In what is getting to be habit in the OSHA ETS litigation with courts issuing orders late Friday afternoons, the Sixth Circuit on December 3, 2021 tersely denied a petition to transfer the case back to the Fifth Circuit.  In the same order, the Sixth Circuit also denied, without explanation, the union petitioners’ bid to transfer the case to the D.C. Circuit where there is pending litigation of the OSHA Healthcare ETS issued in June 2020.

The order perfunctorily addressed several pending motions on the docket, including OSHA’s motion for an expedited briefing schedule, which would have set the close of briefing on the merits for December 29, 2021 with oral argument held as soon as practicable thereafter.  In denying the motion, the Sixth Circuit stated little more than it was reserving judgment on setting a merits briefing schedule.  Obviously, there are a tremendous number of parties with varied interests and a multitude of legal arguments both statutory and Constitutional, which the court clearly recognizes are at play and likely require a schedule that is not rushed.

The next big issue for the court to tackle will be OSHA’s motion to dissolve the stay with the close of briefing just a week away on December 10, 2021.  Whether the court will dole out more good news for employers, states, and other challengers to the ETS for the holiday season is anybody’s guess, but a decision before the holidays seems imminent.

Article By Melanie L. Paul of Jackson Lewis P.C.

For more coronavirus legal news, click here to visit the National Law Review.
Jackson Lewis P.C. © 2021

Same As It Ever Was: FDA Reiterates That CBD Cannot Be Included in Food or Dietary Supplements

While we enter a new season this week, the same cannot be said for the FDA which, on November 16, reiterated that its approach to regulating the cannabidiol (CBD) industry will be “the same as it ever was”—a regulatory minefield. Grail Sipes, acting Deputy Center Director for Regulatory Policy at the FDA’s Center for Drug Evaluation and Research, emphasized the agency’s position that it needs additional CBD research and safety data before the agency will consider CBD for uses beyond prescription drugs, including usage as a food additive or dietary supplement. This, she said, is because “clear answers to many important questions are still lacking, such as what adverse reactions may be associated with CBD from hemp-derived products and what risks are associated with the long term use of these products.”

So why should industry stakeholders care about the FDA’s opinion anyway? Wasn’t hemp-derived CBD legalized at the federal level by the Agriculture Improvement Act of 2018, also known as the Farm Bill?

Yes, but as we discussed in a previous blog post, the FDA and FTC have overlapping enforcement authority over CBD marketing, with the FDA having primary authority over labeling. The FDA has previously issued guidance stating that CBD can be used as an ingredient in cosmetics so long as it does not cause the product to be “adulterated or misbranded.” However, a product containing CBD cannot be marketed as a drug absent FDA approval—a lengthy and costly process. Companies marketing CBD products must therefore ensure compliance with the FDA’s labeling requirements and guidance regarding CBD products.

The FDA has not been shy to issue warning letters to CBD companies that fail to heed the agency’s labeling requirements and guidance. Starting in April 2019, the FDA (together with the FTC) began issuing warning letters to companies marketing CBD products as treatments and cures for a variety of diseases and illnesses. Those agencies continued to issue warning letters for marketing and labeling violations throughout 2019, largely for improper health-based claims about CBD products (those letters are described in more detail here and here). The most recent iteration came in 2021 when the agencies issued two warning letters to companies selling over-the-counter (OTC) drugs for pain relief that contained CBD. Sipes made clear the FDA will continue to monitor the CBD marketplace and issue warning letters to companies making improper health claims in her November 16 comments.

Given these comments, we can expect the cat-and-mouse game between federal regulators and CBD companies that push the marketing envelope to continue. To mitigate the risk of falling within the FDA’s crosshairs, CBD companies must ensure compliance with the various state and federal regulations governing the labeling and advertising of their products. We provided several marketing dos and don’ts in a previous blog post. But given the FDA’s unchanging position, the biggest takeaway remains the same: don’t make claims that a CBD product “can prevent, treat, or cure” or a disease.

Article By Rachel L. Sodée and J. Hunter Robinson of Bradley Arant Boult Cummings LLP

For more news on biotech, food, and drug law, click here to visit the National Law Review.

© 2021 Bradley Arant Boult Cummings LLP