Category: Administrative & Regulatory

Handling an EPA Inspection: What to Do Before, During, and After the Process

Regardless of a company’s environmental compliance record, facing a U.S. Environmental Protection Agency (EPA) inspection can present significant risks. When conducting inspections, EPA inspectors and technical personnel examine all aspects of companies’ operations, and it is up to companies to demonstrate that enforcement action is unwarranted. When faced with uncertainty, EPA personnel will err on the side of non-compliance with EPA regulations, and this means that companies that are unable to affirmatively demonstrate compliance can find themselves facing unnecessary consequences under federal environmental laws.

With this in mind, all companies need to take an informed, strategic, and systematic approach to defending against EPA inspections. While EPA inspections can present significant risks, companies can—and should—manage these risks effectively. Effectively managing the risks of an EPA inspection starts with understanding what companies need to do before, during, and after the process.

To be clear, while there are several steps that companies can—and generally should—take to prepare for their EPA inspections, there is no single “right” way to approach the inspection process. A custom-tailored approach is critical, as companies facing scrutiny from the EPA must be prepared to address any and all compliance-related concerns arising out of their specific operations.

What to Do Before an EPA Inspection

With this in mind, what can companies do to maximize their chances of avoiding unnecessary consequences during an EPA inspection? Here are five steps that companies should generally take upon learning of an impending visit from EPA personnel:

1. Make Sure You Know What Type of EPA Inspection Your Company is Facing 

One of the first steps to take is to ensure that you know what type of EPA inspection your company is facing. The EPA conducts multiple types of inspections, each of which involves its own protocols and procedures and presents its own risks and opportunities. As the EPA explains:

“Inspections are usually conducted on single-media programs such as the Clean Water Act, but can be conducted for more than one media program. Inspections also can be conducted to address a specific environmental problem (e.g., water quality in a river), a facility or industry sector (e.g., chemical plants), or a geographic (e.g., a region or locality) or ecosystem-based approach (e.g., air or watershed).”

Under the EPA’s current approach to environmental compliance enforcement, most inspections fall into one of five categories:

  • On-Site Inspections – The EPA routinely conducts on-site inspections. During these inspections, EPA personnel may observe the company’s operations, collect samples, take photos and videos, interview company personnel, and review pertinent environmental compliance documentation.
  • Evaluations – The EPA conducts evaluations to assess facility-level compliance under the various federal environmental statutes. These evaluations may be either “full” or “partial,” with full compliance evaluations (FCEs) examining all pertinent areas of compliance and partial compliance evaluations (PCEs) “focusing on a subset of regulated pollutants, regulatory requirements, or emission units at a given facility.”
  • Record Reviews – Record reviews typically take place at an EPA field office or other government location, and they “may or may not be combined with field work.” With that said, in many cases, on-site inspections and record reviews go hand-in-hand.
  • Information Requests – An information request is, “an enforceable, written request for information to a regulated entity, a potentially regulated entity, or a potentially responsible party about a site, facility, or activity.” The EPA uses information requests to “substantiate the compliance status of [a] facility or . . . site,” and the EPA may issue an information request either in connection with or after conducting an on-site inspection.
  • Civil Investigations – The EPA describes civil investigations as, “an extraordinary, detailed assessment of a regulated entity’s compliance status, which requires significantly more time to complete than a typical compliance inspection.” In most cases, a civil investigation will follow an inspection that uncovers significant or systemic compliance failures.

2. Make Sure You Understand the Scope of the EPA’s Inspection 

After discerning the nature of the EPA’s inquiry, the next step is to ensure that you understand its scope. Is the EPA focusing on a specific environmental statute (i.e., the Recovery Act, the Clean Air Act (CAA) or Clean Water Act (CWA)); or, is it conducting a comprehensive assessment of environmental compliance? If the EPA is focusing on a specific environmental statute, is it focusing on all areas of compliance monitoring under the statute, or is it focusing on a particular enforcement priority like resource conservation? Answering these types of questions will be critical for efficiently implementing an informed defense strategy.

3. Locate All Relevant Compliance Documentation 

Once you know what the EPA will be looking for, the next step is determining what it is going to find when they request information. This begins with locating all of the company’s relevant compliance documentation. This will facilitate conducting an internal EPA compliance assessment (more on this below), and it will also allow the company to efficiently respond to document requests and other inquiries during the inspection process.

4. Conduct an Internal EPA Compliance Assessment (if There is Time)

If there is time, it will be important to conduct an internal EPA compliance assessment, like a mock audit, before the EPA’s inspection begins—unless the company has recently completed a systematic environmental compliance audit in compliance with the relevant EPA Audit Protocols. There is incentive for self-policing which incentivizes you to voluntarily discover and fix violations. If there is not time to conduct an internal assessment before the inspection begins, then this should be undertaken in parallel with the company’s inspection defense, with a focus on accurately assessing the risks associated with the inspection as quickly as possible.

5. Put Together Your EPA Inspection Defense Strategy and Team 

Effectively responding to an EPA inspection requires an informed defense strategy and a capable team. A company’s EPA inspection defense team should include appropriate company leaders and internal subject matter experts as well as the company’s outside EPA compliance counsel.

What to Do During an EPA Inspection

Here are some important steps to take once an EPA inspection is underway:

1. Proactively Engage with the EPA’s Inspectors and Technical Personnel 

Companies facing EPA inspections should not take a back seat during the process. Instead, they should seek to proactively engage with the EPA’s inspectors and technical personnel (through their EPA compliance counsel) so that they remain fully up to speed and can address any potential issues or concerns as quickly as possible.

2. Use the Company’s EPA Compliance Documentation to Guide the Process 

For companies that have a strong compliance record and clear documentation of compliance, using this documentation to guide the inspection process can help steer it toward an efficient and favorable resolution.

3. Carefully Assess Any Concerns About Non-Compliance 

If any concerns about non-compliance arise during the EPA inspection process, company leaders should work with the company’s EPA compliance counsel to assess these concerns and determine how best to respond.

4. Work with the EPA’s Inspectors and Technical Personnel to Resolve Compliance Concerns as Warranted 

If any of the EPA’s concerns about non-compliance are substantiated, companies should work with the EPA’s inspectors and technical personnel (through their EPA compliance counsel) to resolve these concerns as efficiently as possible—and ideally during the inspection process so that no follow-up interactions with the EPA are necessary.

5. Focus on Achieving a Final Resolution that Avoids Further Inquiry

Overall, the primary focus of a company’s EPA inspection defense should be on achieving a final resolution that avoids further inquiry. Not only can post-inspection civil investigations present substantial risks, but unresolved compliance concerns can leave companies (and their owners and executives) exposed to the possibility of criminal prosecution in some cases as well.

What to Do After an EPA Inspection 

Finally, here are some key considerations for what to do after an EPA inspection:

1. Complete Any Necessary Follow-Up as Efficiently as Possible 

If any follow-up corrective or remedial action is necessary following an EPA inspection, the company should prioritize completing this follow-up as efficiently as possible. Not only will this help to mitigate any penalty exposure, but it will also help mitigate the risk of raising additional concerns with the EPA.

2. Implement Any Lessons Learned 

If the EPA’s inspection resulted in any lessons learned, the company should also prioritize implementing these lessons learned in order to prevent the recurrence of any issues uncovered during the inspection process. This is true whether implementation involves making minor tweaks to the company’s documentation procedures or completing a substantial overhaul of the company’s environmental compliance program.

3. Use Systematic EPA Compliance Audits to Evaluate and Maintain Compliance 

Systematic auditing is one of the most efficient and most effective ways that companies can evaluate and maintain EPA compliance. For companies that are not using the EPA’s Audit Protocols already, working with experienced outside counsel to implement these protocols will be a key next step as well.

4. Challenge Any Unwarranted Conclusions as Warranted 

If the company’s EPA inspection resulted in unwarranted determinations of non-compliance, seeking to reverse the agency’s conclusions may involve working with its lawyers post-inspection. Depending on the circumstances, it may also involve going to court. Whatever it takes, ensuring that the company does not face unjustified penalties will be essential for both short-term and long-term environmental compliance risk management.

5. Prepare for Further Enforcement Action as Necessary 

If an EPA inspection results in substantial findings of non-compliance, it may be necessary to prepare for further enforcement action. Depending on the circumstances, this could involve facing a civil investigation, a criminal investigation conducted jointly by the EPA and the U.S. Department of Justice (DOJ), or litigation in federal court. Here, too, an informed and strategic defense is essential, and it will be critical to continue working with experienced EPA compliance counsel throughout this process.

Oberheiden P.C. © 2024
For more news on EPA Site Inspections, visit the NLR Environmental, Energy, & Resources section.

A Look at the Evolving Scope of Transatlantic AI Regulations

There have been significant changes to the regulations surrounding artificial intelligence (AI) on a global scale. New measures from governments worldwide are coming online, including the United States (U.S.) government’s executive order on AI, California’s upcoming regulations, the European Union’s AI Act, and emerging developments in the United Kingdom that contribute to this evolving environment.

The European Union (EU) AI Act and the U.S. Executive Order on AI aim to develop and utilize AI safely, securely, and with respect for fundamental rights, yet their approaches are markedly different. The EU AI Act establishes a binding legal framework across EU member states, directly applies to businesses involved in the AI value chain, classifies AI systems by risk, and imposes significant fines for violations. In contrast, the U.S. Executive Order is more of a guideline as federal agencies develop AI standards and policies. It prioritizes AI safety and trustworthiness but lacks specific penalties, instead relying on voluntary compliance and agency collaboration.

The EU approach includes detailed oversight and enforcement, while the U.S. method encourages the adoption of new standards and international cooperation that aligns with global standards but is less prescriptive. Despite their shared objectives, differences in regulatory approach, scope, enforcement, and penalties could lead to contradictions in AI governance standards between the two regions.

There has also been some collaboration on an international scale. Recently, there has been an effort between antitrust officials at the U.S. Department of Justice (DOJ), U.S. Federal Trade Commission (FTC), the European Commission, and the UK’s Competition and Markets Authority to monitor AI and its risks to competition. The agencies have issued a joint statement, with all four antitrust enforcers pledging to “to remain vigilant for potential competition issues” and to use the powers of their agencies to provide safeguards against the utilization of AI to undermine competition or lead to unfair or deceptive practices.

The regulatory landscape for AI across the globe is evolving in real time as the technology develops at a record pace. As regulations strive to keep up with the technology, there are real challenges and risks that exist for companies involved in the development or utilization of AI. Therefore, it is critical that business leaders understand regulatory changes on an international scale, adapt, and stay compliant to avoid what could be significant penalties and reputational damage.

The U.S. Federal Executive Order on AI

In October 2023, the Biden Administration issued an executive order to foster responsible AI innovation. This order outlines several key initiatives, including promoting ethical, trustworthy, and lawful AI technologies. It also calls for collaboration between federal agencies, private companies, academia, and international partners to advance AI capabilities and realize its myriad benefits. The order emphasizes the need for robust frameworks to address potential AI risks such as bias, privacy concerns, and security vulnerabilities. In addition, the order directs that various sweeping actions be taken, including the establishment of new standards for AI safety and security, the passing of bipartisan data privacy legislation to protect Americans’ privacy from the risks posed by AI, the promotion of the safe, responsible, and rights-affirming development and deployment of AI abroad to solve global challenges, and the implementation of actions to ensure responsible government deployment of AI and modernization of the federal AI infrastructure through the rapid hiring of AI professionals.

At the state level, Colorado and California are leading the way. Colorado enacted the first comprehensive regulation of AI at the state level with The Colorado Artificial Intelligence Act (Senate Bill (SB) 24-205), signed into law by Governor Jared Polis on May 17, 2024. As our team previously outlined, The Colorado AI Act is comprehensive, establishing requirements for developers and deployers of “high-risk artificial intelligence systems,” to adhere to a host of obligations, including disclosures, risk management practices, and consumer protections. The Colorado law goes into effect on February 1, 2026, giving companies over a year to thoroughly adapt.

In California, a host of proposed AI regulations focusing on transparency, accountability, and consumer protection would require the disclosure of information such as AI systems’ functions, data sources, and decision-making processes. For example, AB2013 was introduced on January 31, 2024, and would require that developers of an AI system or service made available to Californians to post on the developer’s website documentation of the datasets used to train the AI system or service.

SB970 is another bill that was introduced in January 2024 and would require any person or entity that sells or provides access to any AI technology that is designed to create synthetic images, video, or voice to give a consumer warning that misuse of the technology may result in civil or criminal liability for the user.

Finally, on July 2, 2024 the California State Assembly Judiciary Committee passed SB-1047 (Safe and Secure Innovation for Frontier Artificial Intelligence Models Act), which regulates AI models based on complexity.

The European Union’s AI Act

The EU is leading the way in AI regulation through its AI Act, which establishes a framework and represents Europe’s first comprehensive attempt to regulate AI. The AI Act was adopted to promote the uptake of human-centric and trustworthy AI while ensuring high level protections of health, safety, and fundamental rights against the harmful effects of AI systems in the EU and supporting innovation.

The AI Act sets forth harmonized rules for the release and use of AI systems in the EU; prohibitions of certain AI practices; specific requirements for high-risk AI systems and obligations for operators of such systems; harmonized transparency rules for certain AI systems; harmonized rules for the release of general-purpose AI models; rules on market monitoring, market surveillance, governance, and enforcement; and measures to support innovation, with a particular focus on SMEs, including startups.

The AI Act classifies AI systems into four risk levels: unacceptable, high, limited, and minimal. Applications that pose an unacceptable risk, such as government social scoring systems, are outright banned. High-risk applications, including CV-scanning tools, face stringent regulations to ensure safety and accountability. Limited risk applications lack full transparency as to AI usage, and the AI Act imposes transparency obligations. For example, humans should be informed when they are using AI systems (such as chatbots) that they are interacting with a machine and not a human so as to enable the user to make an informed decision whether or not to continue. The AI Act allows the free use of minimal-risk AI, including applications such as AI-enabled video games or spam filters. The vast majority of AI systems currently used in the EU fall into this category.

The adoption of the AI Act has not come without criticism from major European companies. In an open letter signed by 150 executives, they raised concerns over the heavy regulation of generative AI and foundation models. The fear is that the increased compliance costs and hindered productivity would drive companies away from the EU. Despite these concerns, the AI Act is here to stay, and it would be wise for companies to prepare for compliance by assessing their systems.

Recommendations for Global Businesses

As governments and regulatory bodies worldwide implement diverse AI regulations, companies have the power to adopt strategies that both ensure compliance and mitigate risks proactively. Global businesses should consider the following recommendations:

  1. Risk Assessments: Conducting thorough risk assessments of AI systems is important for companies to align with the EU’s classification scheme and the U.S.’s focus on safety and security. There must also be an assessment of the safety and security of your AI systems, particularly those categorized as high-risk under the EU’s AI Act. This proactive approach will not only help you meet regulatory requirements but also protect your business from potential sanctions as the legal landscape evolves.
  2. Compliance Strategy: Develop a compliance strategy that specifically addresses the most stringent aspects of the EU and U.S. regulations.
  3. Legal Monitoring: Stay on top of evolving best practices and guidelines. Monitor regulatory developments in regions in which your company operates to adapt to new requirements and avoid penalties and engage with policymakers and industry groups to stay ahead of compliance requirements. Participation in public consultations and industry forums can provide valuable insights and influence regulatory outcomes.
  4. Transparency and Accountability: To meet ethical and regulatory expectations, transparency and accountability should be prioritized in AI development. This means ensuring AI systems are transparent, with clear documentation of data sources, decision-making processes, and system functionalities. There should also be accountability measures in place, such as regular audits and impact assessments.
  5. Data Governance: Implement robust data governance measures to meet the EU’s requirements and align with the U.S.’s emphasis on trustworthy AI. Establish governance structures that ensure compliance with federal, state, and international AI regulations, including appointing compliance officers and developing internal policies.
  6. Invest in Ethical AI Practices: Develop and deploy AI systems that adhere to ethical guidelines, focusing on fairness, privacy, and user rights. Ethical AI practices ensure compliance, build public trust, and enhance brand reputation.
© 2024 Foley & Lardner LLP
For more news on AI Regulations, visit the NLR Consumer Protection section.

The Administration Creates New Pathways for DACA Recipients to Obtain Legal Status

Among the multiple executive actions the White House announced on June 18, 2024, was one stating it was taking steps to facilitate the process for certain Deferred Action for Childhood Arrivals (DACA) recipients to obtain work visas/status. DACA was created in 2012 by President Barack Obama as a means for immigrant youth who met certain eligibility requirements to qualify for work authorizations and obtain “deferred action.”

While DACA protection has enabled hundreds of thousands of individuals to legally work and live in the U.S., the program has faced considerable uncertainty since 2017, when the Trump administration initially sought to terminate the program, but was prevented from doing so in the federal courts.

The program continues to face legal challenges, and additional litigation before the U.S. Supreme Court is likely. Fundamentally, DACA is not a legal status – the reliance on “deferred action” simply reflects the U.S. Department of Homeland Security’s (DHS) decision not to bring immigration removal proceedings against a specific individual. While many DACA recipients and their employers have since sought to transition to a work visa or other legal status that Congress specifically established in the Immigration and Nationality Act (INA), the process for doing so is uncertain, expensive and cumbersome.

Since DACA recipients either entered without authorization or were out of status when they received DACA protection, they are typically ineligible for a transition to a lawful status within the U.S.

Instead, they are required under immigration law to “consular process” outside the U.S. and obtain a work visa at a U.S. consulate. The individual’s departure from the U.S. could trigger removal bars (similar to those described above), requiring the individual to obtain a temporary waiver of inadmissibility from the government. These waivers, known as “d3 waivers” based on the section of the INA to which they relate, can take months to obtain and the outcome of such a waiver is not certain. These cumulative issues have chilled the interest of many employers and DACA recipients in pursuing these waivers.

On July 15, 2024, the U.S. Department of State made changes to the Foreign Affairs Manual (FAM), which is controlling guidance for consular officers at U.S. Consulates on factors to consider when adjudicating waiver requests. The three primary changes that the DOS made to 9 FAM 305.4-3 are:

  1. Expanding the factors that would have a positive effect on U.S. public interests in granting a waiver to include circumstances “where the applicant has graduated with a degree from an institution of higher education in the United States, or has earned credentials to engage in skilled labor in the United States, and is seeking to travel to the United States to commence or continue employment with a U.S. employer in a field related to the education that the applicant attained in the United States….” These changes noted in bold are clearly designed to benefit many DACA recipients.
  2. The second change creates a mechanism for a waiver applicant whose request is denied by a consular officer to request State Department review in circumstances involving “significant public interest,” which in turn cross-references the factors above that are of particular benefit to DACA recipients.
  3. The FAM was also updated to reflect the ability of DACA recipients who have graduated from an educational program in the United States or are seeking to reenter the U.S. with a visa as beneficiaries of an offer of employment to request an expedite of the waiver request. This change is particularly critical as one of the greatest challenges that DACA recipients face when seeking a waiver is the uncertain adjudication period, which often stretches for months.

Collectively, these updates are significant and will benefit several DACA recipients who are beneficiaries of employer sponsorship. These pathways also create a mechanism for U.S. employers to transition DACA recipients from DACA, with its increasing uncertainty, to a more stable work visa. DACA recipients should, of course, plan prudently if considering a departure from the U.S. to apply for such a waiver and should also apply for advance parole before departing the U.S. so as to provide a mechanism for reentering the U.S. if the waiver request is denied.

© 2024 BARNES & THORNBURG LLP
by: Tejas ShahM. Mercedes Badia-Tavas of Barnes & Thornburg LLP
For more news on the DACA Executive Order, visit the NLR Immigration section.

US District Court Sets Aside the FTC’s Noncompete Ban on a Nationwide Basis

On August 20, the US District Court for the Northern District of Texas held that the Federal Trade Commission’s (FTC) final rule banning noncompetes is unlawful and “set aside” the rule. “The Rule shall not be enforced or otherwise take effect on its effective date of September 4, 2024, or thereafter.”

The district court’s decision has a nationwide effect. The FTC is very likely to appeal to the Fifth Circuit. Meanwhile, employers need not concern themselves for now with the rule’s notice obligations, and the FTC’s purported nationwide bar on noncompetes is ineffective. Employers do, however, need to remain mindful of the broader trend of increasing hostility to employee noncompetes.

The Court’s Decision

On April 23, the FTC voted 3-2 to publish a final rule with sweeping effects, purporting to bar prospectively and invalidate retroactively most employee noncompete agreements. The court’s decision addressed cross-motions for summary judgment on the propriety of the FTC’s rule. The court denied the FTC’s motion and granted the plaintiffs’ motion for two reasons.

First, the court held that the FTC lacks substantive rulemaking authority with respect to unfair methods of competition under Section 6(g) of the FTC Act. In reaching its holding, the court considered the statute’s plain language, Section 6(g)’s structure and location within the FTC Act, the absence of any penalty provisions for violations of rules promulgated under Section 6(g), and the history of the FTC Act and subsequent amendments. Because the FTC lacked substantive rulemaking authority with respect to unfair methods of competition, and hence authority to issue the final noncompete rule, the court did not consider additional arguments regarding the scope of the FTC’s statutory rulemaking authority. Notably, the court did not consider whether the final rule could overcome the major questions doctrine.

Second, the court held that the FTC’s final noncompete rule was arbitrary and capricious under the Administrative Procedure Act (APA) because it was “unreasonably overbroad without a reasonable explanation” and failed to establish “‘a rational connection between the facts found and the choice made.’” The court heavily discounted studies that the FTC had relied upon that purported to measure the impact of statewide noncompete bans because no state had ever enacted a ban as broad as the FTC’s ban: “[t]he FTC’s evidence compares different states’ approaches to enforcing non-competes based on specific factual situations — completely inapposite to the Rule’s imposition of a categorical ban.” “In sum, the Rule is based on inconsistent and flawed empirical evidence, fails to consider the positive benefits of non-compete agreements, and disregards the substantial body of evidence supporting these agreements.” The court further held that the FTC failed to sufficiently address alternatives to issuing the rule.

In terms of a remedy, the court “set aside” the FTC’s final noncompete rule. The “set aside” language is drawn verbatim from the APA. The court noted that the FTC’s argument that any relief should be limited to the named plaintiffs in the case was unsupported by the APA. Instead, the court noted that its decision has a nationwide effect, is not limited to the parties in the case, and affects all persons in all judicial districts equally.

Further Litigation

In addition to a likely FTC appeal to the Fifth Circuit, two other cases are pending that likewise challenge the FTC’s final noncompete rule. First, in ATS Tree Services v. FTC, pending in the Eastern District of Pennsylvania, the district court previously denied the plaintiff’s motion for a preliminary injunction. Second, in Properties of the Villages, Inc. v. FTC, pending in the Middle District of Florida, the court enjoined the FTC from enforcing the rule against the named plaintiffs. A final judgment in one of these cases that differs from the result in the Northern District of Texas could eventually reach the courts of appeals and potentially lead to a circuit split to be resolved by the US Supreme Court.

Takeaways for Employers

For now, the FTC’s noncompete rule has been set aside on a nationwide basis, and employers need not comply with the rule’s notice obligations. Noncompetes remain enforceable to the same extent they were before the FTC promulgated its final rule. Depending on how further litigation evolves, the rule could be revived, a temporary split in authority could arise leading to confusion where the rule is enforceable in certain jurisdictions but not in others, or the rule will remain set aside.

An important part of the court’s decision is its rejection of the FTC’s factual findings, which were made in support of the rule, as poorly reasoned and poorly supported. As we discussed in our prior client alerts, we anticipate that employees may cite the FTC’s findings to support challenges to enforceability under state law. The court’s analysis of the FTC’s factual findings may substantially undermine the persuasive authority of the FTC’s findings.

Employers should anticipate that noncompete enforcements in the coming years will remain uncertain as courts, legislatures, and government agencies continue to erode the legal and policy justifications for employee noncompetes. This counsels in favor of a “belt and suspenders” approach for employers to protect their legitimate business interests rather than relying solely on noncompetes.

© 2024 ArentFox Schiff LLP
For more on the FTC Noncompete Ban, visit the NLR Labor Employment section

United States | DHS Keeping Families Together Reduces Barriers for Noncitizen Spouses

The Department of Homeland Security today announced implementation of the Keeping Families Together process, which grants parole in place on a case-by-case basis to certain noncitizen spouses and stepchildren of U.S. citizens.

Key Points:

Additional Information: In its announcement, the agency stated, “Too often, noncitizen spouses of U.S. citizens — many of them mothers and fathers — live with uncertainty due to undue barriers in our immigration system. This process to keep U.S. families together will remove these undue barriers for those who would otherwise qualify to live and work lawfully in the U.S., while also creating greater efficiencies in the immigration system, conducting effective screening and vetting, and focusing on noncitizens who contribute to and have longstanding connections within American communities across the country.”

More information about the process can be found here.

©2024 Berry Appleman & Leiden. All Rights Reserved.
For more on DHS, visit the NLR Immigration section

Down to the Wire for Employers and FTC Noncompete Ban

Compliance Deadline Approaches

Employers are running out of time to comply with the FTC’s purported regulatory ban on non-competition agreements. The ban – announced on April 23, 2024 – is scheduled to take effect on September 4. 2024.

By that date, the regulation requires that employers notify all employees subject to noncompetes that the agreements will no longer be enforced. The only exceptions are existing agreements with “senior executives” who made at least $151,164 in the preceding year; these agreements are grandfathered. See our earlier alerts from April 23May 14, and July 8 for further discussion on developments relating to the ban.

So Far, No Nationwide Injunction Against FTC’s Ban

As previously reported, a federal court in Dallas issued a preliminary injunction against the regulation on July 3, 2024. The injunction, however, only affects the parties to the lawsuit and the district in which the lawsuit was brought. When she issued that preliminary injunction, Judge Ada Brown committed to rendering a final decision on the plaintiffs’ request for a permanent injunction by August 30,2024.

However, she specifically declined to give her preliminary injunction nationwide effect. In its motion in support of a permanent injunction, the U.S. Chamber of Commerce and other parties are arguing that the court is required to vacate the rule, with nationwide effect, because it was adopted in violation of the Administrative Procedure Act. We cannot predict whether she will do so.

Meanwhile, since the July ruling in Texas, two other federal courts have issued rulings on requests to enjoin the ban, one in Philadelphia in favor of the FTC by denying an injunction, and the other in central Florida in favor of the employer by granting one. As with the Texas case, the Florida injunction is not nationwide. Moreover, that judge has not yet issued an opinion, so we do not yet know his rationale for the injunction.

Now What?

Where does this leave employers? In the absence of a ruling invalidating the FTC ban nationwide, there is nothing to prevent the FTC from enforcing its ban beginning September 4 anywhere outside of Dallas and mid-Florida. As far as we know, only the Northern District of Texas is able to order such a ban when it issues its final decision on or before August 30.

Even though, based on her initial ruling, it is quite likely Judge Brown will enjoin the regulation permanently, it is unclear whether she will take the additional step of giving her injunction nationwide effect.

To comply with the regulation, employers should prepare to act by September 4. We recommend creating a list of all current and former “workers” (defined as any service providers regardless of classification) subject to noncompete agreements and a written communication that meets the regulation’s notice requirements.

Unless a new order appears enjoining enforcement of the ban nationwide before September 4, employers will need to send out that communication in order to be in compliance. The requirements for sending the notice include identifying the “person who entered into the noncompete clause with the worker by name” (we don’t know if this means the individual or the entity) and hand delivering or mailing the notice to the worker’s last known mailing address, or to the last known email address or mobile phone number (by text). The full text of the rule, including a model communication from the FTC, can be found at pages 3850-06 of the May 7, 2024, Federal Register.

©2024 Pierce Atwood LLP. All rights reserved.
For more on the Noncompete Ban, visit the NLR Antitrust Trade Regulation section.

FTC Releases Controversial Interim Staff Report on PBMs’ Purported Impact on Drug Prices

At an Open Commission Meeting on August 1, 2024, the Federal Trade Commission (FTC) presented a report prepared by its staff entitled Pharmacy Benefit Managers: The Powerful Middlemen Inflating Drug Costs and Squeezing Main Street Pharmacies.

Although characterized as “interim,” the report posits the following observations about pharmacy benefit managers (PBMs):

  • “PBMs have gained significant power over prescription drug access and prices through increased concentration and vertical integration.”
  • “Increased concentration and vertical integration may have enabled PBMs to lessen competition, disadvantage rivals, and inflate drug costs.”
  • “The largest PBMs’ outsized bargaining leverage may operate to the disadvantage of smaller unaffiliated pharmacies.”
  • “PBM and brand drug manufacturer rebate contracts may impair or block less expensive competing products, including generic and biosimilar drugs.”
  • “PBMs lead to higher prices” (a conclusion based on only two case studies).

Commissioner Melissa Holyoak, in dissenting from the release of the report, stated that “the Report was plagued by process irregularities and concerns over the substance—or lack thereof—of the original order. In fact, the politicized nature of the process appears to have led to the departure of at least one senior leader at the Commission.” Commissioner Holyoak added that “[e]ven if the Report’s assertions of increasing concentration are accurate, increased concentration ‘does not prove that competition in that market has declined.’ Though the Report baldly asserts that PBMs ‘have gained significant power over prescription drug access and prices,’ the Report does not present empirical evidence that demonstrates PBMs have market power—i.e., ‘the ability to raise price profitably by restricting output.”’

Commissioner Andrew N. Ferguson, although concurring in the release of the report, was likewise critical of the process and its findings. In particular, Commissioner Ferguson found the report to be “especially unusual” in that it “relies, throughout, in large part on public information that was not collected from the PBMs or their affiliates during the 6(b) process.” Furthermore, Commissioner Ferguson was critical of the finding, based on only two case-study drugs, that PBMs lead to higher prices and pleaded with the FTC “to determine whether these findings are representative of market dynamics for other drugs.” He added that “[w]e need to understand whether any anticompetitive or unfair or deceptive acts or practices on the part of PBMs or any other market participants are contributing to these prices.”

©2024 Epstein Becker & Green, P.C. All rights reserved.
For more on PBMs, visit the NLR Biotech Food Drug section

FCC’s New Notice of Inquiry – Is This Big Brother’s Origin Story?

The FCC’s recent Notice of Proposed Rulemaking and Notice of Inquiry was released on August 8, 2024. While the proposed Rule is, deservedly, getting the most press, it’s important to pay attention to the Notice of Inquiry.

The part which is concerning to me is the FCC’s interest in “development and availability of technologies on either the device or network level that can: 1) detect incoming calls that are potentially fraudulent and/or AI-generated based on real-time analysis of voice call content; 2) alert consumers to the potential that such voice calls are fraudulent and/or AI-generated; and 3) potentially block future voice calls that can be identified as similar AI-generated or otherwise fraudulent voice calls based on analytics.” (emphasis mine)

The FCC also wants to know “what steps can the Commission take to encourage the development and deployment of these technologies…”

The FCC does note there are “significant privacy risks, insofar as they appear to rely on analysis and processing of the content of calls.” The FCC also wants comments on “what protections exist for non-malicious callers who have a legitimate privacy interest in not having the contents of their calls collected and processed by unknown third parties?”

So, the Federal Communications Commission wants to monitor the CONTENT of voice calls. In real-time. On your device.

That’s not a problem for anyone else?

Sure, robocalls are bad. There are scams on robocalls.

But, are robocalls so bad that we need real-time monitoring of voice call content?

At what point, did we throw the Fourth Amendment out of the window and to prevent what? Phone calls??

The basic premise of the Fourth Amendment is “to safeguard the privacy and security of individuals against arbitrary invasions by governmental officials.” I’m not sure how we get more arbitrary than “this incoming call is a fraud” versus “this incoming call is not a fraud”.

So, maybe you consent to this real-time monitoring. Sure, ok. But, can you actually give informed consent to what would happen with this monitoring?

Let me give you three examples of “pre-recorded calls” that the real-time monitoring could overhear to determine if the “voice calls are fraudulent and/or AI-generated”:

  1. Your phone rings. It’s a prerecorded call from Planned Parenthood confirming your appointment for tomorrow.
  2. Your phone rings. It’s an artificial voice recording from your lawyer’s office telling you that your criminal trial is tomorrow.
  3. Your phone rings. It’s the local jewelry store saying your ring is repaired and ready to be picked up.

Those are basic examples, but for them to someone to “detect incoming calls that are potentially fraudulent and/or AI-generated based on real-time analysis of voice call content”, those calls have to be monitored in real-time. And stored somewhere. Maybe on your device. Maybe by a third-party in their cloud.

Maybe you trust Apple with that info. But, do you trust someone who comes up with fraudulent monitoring software that would harvest that data? How do you know you should trust that party?

Or you trust Google. Surely, Google wouldn’t use your personal data. Surely, they would not use your phone call history to sell ads.

And that becomes data a third-party can use. For ads. For political messaging. For profiling.

Yes, this is extremely conspiratorial. But, that doesn’t mean your data is not valuable. And where there is valuable data, there are people willing to exploit it.

Robocalls are a problem. And there are some legitimate businesses doing great things with fraud detection monitoring. But, a real-time monitoring edict from the government is not the solution. As an industry, we can be smarter on how we handle this.

© 2024 Troutman Amin, LLP
For more on the FCC, visit the NLR Communications Media Internet section

DOJ Implements New Whistleblower Reward Program

Companies who submit healthcare claims to private payors, provide financial services to customers, interact with domestic or foreign public officials, or otherwise operate in highly regulated industries should take note that the Department of Justice (DOJ) has taken another significant step in its ongoing effort to encourage new whistleblowers with information about potential corporate criminal malfeasance to report that information to the government. On August 1, 2024, the DOJ announced its long awaited Corporate Whistleblower Awards Program. The program seeks to fill “gaps” in existing whistleblower programs by providing awards of up to 30% of forfeited proceeds for reporting criminal conduct that is not otherwise covered by an existing system for awarding whistleblowers. The silver lining for companies is that the program incentivizes the whistleblowers to cooperate with the company’s internal compliance function. DOJ also provides for a presumptive declination of criminal charges for companies that self-report to DOJ within 120 days of the time the issue is first raised internally by the whistleblower, providing strong incentives for companies to investigate issues quickly.

The program represents the DOJ’s latest effort to increase the number of voluntary self-disclosures of corporate criminal activity. In January 2023, the DOJ announced its revised Corporate Enforcement and Voluntary Self Disclosure Policy, which sought to expand the incentives for companies to voluntarily self-disclose misconduct, cooperate with DOJ investigations, and take prompt and full remedial measures. The policy’s primary incentive was the prospect of a presumed declination for companies who followed its mandates.

As we discussed in a previous post, efforts to increase voluntary self-disclosures continued in April 2024 when the DOJ launched a Pilot Program on Voluntary Self Disclosures for Individuals. That initiative expanded the scope of potential whistleblowers by including those complicit in wrongdoing, granting them eligibility for immunity from prosecution in return for reporting the activity. In substance, that structure incentivized both individual wrongdoers and the corporations for whom they worked to be the first to report criminal activity. By pitting the would-be whistleblowers and the companies against each other, the DOJ effectively constructed a prisoners’ dilemma where the government stood to benefit regardless of which party acted first.

The program is a different verse from the same hymnal. It offers a different (but more traditional) incentive for whistleblowers – the opportunity for financial reward – while maintaining the goal of increasing the number of voluntary self-disclosures. The program seeks to achieve that objective by motivating those who are aware of misconduct, but perhaps are otherwise unable to qualify for a bounty under the current framework or otherwise uninterested in reporting the activity without a personal benefit.

The Basic Framework

Under the program, eligible individuals who voluntarily provide original information to the government in certain areas of focus and cooperate with the resulting investigation stand to receive 30% of any criminal or civil forfeitures over $1 million in accordance with a defined payment priority. The program lays out a basic structure for determining whether an individual is entitled to an award, but also affords the DOJ substantial discretion in deciding whether to make such awards, and in what amount. The key elements are:

  • Areas of focus – The program identifies four subject matter areas: 1) violations by financial institutions, their insiders and agents involving money laundering, fraud, and fraud against or non-compliance with regulators; 2) foreign corruption and bribery and violations of money laundering statutes; 3) domestic corruption violations including bribes and kickbacks paid to domestic public officials; and 4) healthcare offenses involving private or non-public healthcare benefit programs and fraud against patients, investors or other non-governmental entities in the healthcare industry, or other violations of federal law not covered by the federal False Claims Act (FCA).
  • Eligible individuals – The program excludes several categories of individuals, including those eligible to report under other whistleblower programs and those who “meaningfully participated” in the criminal activity reported (although those who played a “minimal role” can still participate).
  • “Original information” – Essentially, independent non-public knowledge or analysis in the individual’s possession is considered “original” information. Notably, information can be deemed “original” if it “materially adds to the information that the Department already possesses.” Information that the individual has already reported through the company’s internal whistleblower, legal or compliance procedures can still be deemed “original,” provided the individual also reports that information to the government within 120 days of reporting internally. Privileged information is not considered “original” unless the crime, fraud or other exception to state attorney conduct rules apply.
  • “Voluntary” submission – The information must be reported before the DOJ or any federal law enforcement or civil enforcement agency initiates any inquiry relating to the subject matter.
  • “Cooperation” – Individuals who report must also cooperate fully with the DOJ’s investigation, including by participating in interviews, testifying before a grand jury or at trial, producing documents and, if requested, working in a “proactive manner” with federal law enforcement. This could include clandestine activities to gather evidence, such as recording phone calls or wearing a wire.
  • Criteria for determining amount of award – The program lists several factors that could militate in favor of increasing or decreasing the whistleblower’s financial award. Increases may be justified by the significance of the information provided, by the nature and extent of assistance provided, and, notably, by participation in internal compliance programs. Decreases may be appropriate where the reporting individual was a minimal participant in the underlying activity, or where the individual unreasonably delayed reporting, interfered with the company’s internal compliance and reporting systems, or had management or oversight responsibilities over the offices or personnel involved in the conduct.
  • Payment priority – When the victim is an individual, he or she must first be compensated “to the fullest extent possible” before a whistleblower can recover. When the victim is a corporate entity or government agency, the whistleblower jumps the line and is compensated first.
  • Relationship to the Corporate Enforcement and Voluntary Self Disclosure Policy – While the program incentivizes whistleblower reports to the DOJ, a simultaneous amendment to the self-disclosure policy provides that “if a whistleblower makes both an internal report to a company and a whistleblower submission” to the DOJ, companies who self-report that conduct within 120 days of the internal report “will still qualify for a presumption of a declination[.]” This amendment underscores the DOJ’s focus on increasing self-disclosures, inasmuch as it effectively removes the need for them to be truly “voluntary.” A company that receives a complaint through its whistleblower program may still be eligible under the self-disclosure policy even if the individual has already reported the conduct to the DOJ, but it has a limited time to investigate and decide whether to self-report the conduct.

Key Takeaways

Reading the tea leaves, we see several potentially significant takeaways for companies evaluating the program’s likely impact.

  1. As a starting point, companies should evaluate whether and to what extent their operations create new reporting opportunities under the program, and thus necessitate action. That process should involve answering the following questions:
    • Does the company operate in one of the areas of focus? If so, the program creates new opportunities and incentives for whistleblowers, and the company must assess whether it is prepared to address an increase in reports and to recognize that a reporter may have already disclosed information to the DOJ.
    • Is the company publicly traded? If so, the company is already subject to the Sarbanes-Oxley Act (SOX), which should mean that systems are already in place to receive, investigate and determine whether to take action, including potentially making a voluntary self-disclosure. The program provides an opportunity to reassess the efficacy of those systems but should not necessarily require the creation of new ones. Note that even those companies with existing whistleblower programs should consider the need to expand those systems to cover new areas of focus. For example, a company with a SOX whistleblower policy should consider the need to expand its scope to cover domestic corruption violations, which may not otherwise be covered.
    • Does the company submit claims to government payors? If so, it is already subject to the FCA and should already have a system in place to analyze internal compliance concerns. If that system focuses on or prioritizes issues regarding government payors, the company should expand its focus to include claims and conduct regarding private payors, which may now be subject to whistleblower bounties under the program.
  2. For privately held companies operating in the areas of focus that are not subject to the FCA, the program necessitates a thorough and candid assessment of the risk the program creates. Depending on the extent of that danger, companies should consider the following measures:
    • Create, or enhance as necessary, internal reporting mechanisms to receive and evaluate whistleblower reports.
    • Publicize the company’s expectation that employees should promptly report concerns internally about potential violations of law or company policy, making clear that no retaliation will result from reports made in good faith.
    • Design a process for investigating whistleblower reports based on their nature and seriousness. Establish criteria for identifying those that can be investigated by HR, those that require the involvement of in-house counsel, and those that must be handled by outside counsel. If there is any possibility of criminal exposure, ensure an appropriate investigation is conducted and concluded in time to allow the company to determine whether to self-report in the 120-window for a presumptive declination.
  3. All companies should have in place a system for quickly and accurately evaluating whether to voluntarily self-disclose violations. This process is a multi-factor calculus that considers a range of factors, including primarily the merits of the underlying information and the amount of financial loss or gain that resulted. While decision-making in this context varies by situation, one essential element remains constant: the need for accurate information regarding the nature, scope and effect of the underlying conduct.

Only time will tell exactly how the program will impact the number and nature of whistleblower reports. But companies can take practical steps now to gauge whether and to what extent they are likely to be affected and begin installing the measures necessary to minimize the risk that might otherwise result.

Listen to this post 

© 2024 Bradley Arant Boult Cummings LLP
For more on Whistleblowers, visit the NLR Criminal Law Business Crimes section

OSHA Proposes New, Far-Reaching Workplace Heat Safety Rule

In July 2024, the Department of Labor’s Occupational Safety and Health Administration (OSHA) announced a proposed rule (the “Proposed Rule” or “Rule”) aimed at regulating and mitigating heat-related hazards in the workplace. If enacted, the long-anticipated Rule will have far-reaching impacts on businesses with employees who work in warm climates or who are otherwise exposed to heat-related hazards.

According to OSHA, out of all hazardous weather conditions, heat is the leading cause of death in the U.S. The Proposed Rule seeks to protect employees from hazards associated with high heat in the workplace and would apply to both indoor and outdoor work settings. Among other requirements, the Proposed Rule would mandate that employers evaluate heat-related workplace hazards and implement a Heat Illness and Injury Prevention Plan (HIIPP) to address heat hazards through methods which include rest breaks, shade requirements, the provision of drinking water, acclimatization procedures, heat monitoring, and other tactics to protect workers. The proposed HIIPP requirement takes cues from state-level occupational safety and health agencies — like Cal/OSHA (California) and Oregon OSHA — which have already implemented heat safety and HIIPP requirements.

One provision of the Proposed Rule that has garnered significant attention is the paid rest break provision. As currently drafted, the Proposed Rule would require employers to provide one paid15-minute rest break every two hours on days where the heat index reaches 90° F or higher. The paid rest break provision implicates questions about the concurrent application of the Fair Labor Standards Act. For example, does this 15-minute break period count toward an employee’s “hours worked” for the purposes of calculating overtime?

Moreover, in light of the Supreme Court’s recent decision in Loper Bright Enterprises v. Raimondo — in which the court overturned the longstanding principle of deference to agency interpretations previously set out under the 1984 Chevron U.S.A., Inc. v. Natural Resources Defense Council, Inc. case — significant questions remain about whether far-reaching mandates (like the paid rest break provision) are within OSHA’s authority. Given this new administrative landscape, if the Proposed Rule is enacted, we can expect challenges stemming from Loper Bright.

The Proposed Rule has not yet been published in the Federal Register. However, when such publication occurs, the Rule will be open to commentary from the public before becoming final. When OSHA announced the Proposed Rule, it simultaneously “encourage[d] the public to participate by submitting comments when the proposed standard is officially published in the Federal Register[,]” in order to “develop a final rule that adequately protects workers, is feasible for employers, and is based on the best available evidence.”

For more information regarding how to provide comments on this Proposed Rule, visit https://www.osha.gov/laws-regs/rulemakingprocess#v-nav-tab2.

© 2024 Foley & Lardner LLP
For more on OSHA, visit the NLR Labor Employment section