A Lawyer’s Guide to Enterprise Telecommunications Services Agreements—Part 2

This is the second entry in our series on enterprise telecommunications services agreements, providing a framework for addressing the customer’s interests and risks in enterprise telecommunications services agreements.

While each carrier’s standard agreement is different, these agreements have three core components:

  1. The carrier’s standard policies and rules applicable to its services
  2. The legal terms and conditions or master agreement
  3. The business deal

Aspects of the business deal are distributed among these components.

Standard Policies and Rules

Carriers’ standard policies and rules governing customers’ use of its services primarily reside online and are incorporated by reference into services agreements. These include the carrier’s:

  • Acceptable Use Policy (AUP)
  • Network Security Policy
  • Privacy Policy
  • Service Level Agreements (SLAs) (sometimes SLAs are provided as attachments to the master agreement)
  • Service Pricing Schedules

Carriers reserve the right to modify these documents by posting revisions online with customer’s recourse for problematic changes limited to the right to terminate the service or the agreement—a non-starter for customers. As discussed below, changes to pricing schedules are intended to be less impactful.

The AUP sets out prohibited uses or abuses of its services that a carrier believes will damage its network, violate laws, or impair use of the service by others. The scope can be very broad, addressing such matters as copyright violations, interference with carrier network operations, and limitations on how the service may be used. To minimize uncertainty, the carrier may agree that the AUP, in effect on an agreement’s effective date, controls for the life of the agreement. For violations, carriers reserve the right to terminate service. This poses an untenable risk to enterprises that largely shares the carrier’s interest in stopping any abuse.

A customer-oriented approach is to add a provision to the agreement that states, in the event of an alleged or actual potential AUP violation, the carrier shall promptly notify the customer of the abuse, providing a brief period to remedy the offending conduct or demonstrate that there was no violation. The carrier may insist on the right to suspend the affected service until the violation ceases. This approach underscores the importance of inclusion of a thoughtful precedence clause so that an agreed modification to the AUP, and to any other online document, controls in the event of a conflict.

A carrier’s privacy policy must reasonably meet the most stringent state and foreign privacy laws in which it operates, which suggests major carriers’ policies are reasonably comprehensive. However, the prospective carrier’s policy should be reviewed to determine whether major gaps or variances exist as compared to the enterprise’s privacy policy. Several carriers maintain and update network security policies and practices that may be summarized in a Network Security Policy document. This document is both high level and non-negotiable. It is provided as an assurance that the carrier is vigilant in maintaining network security.

SLAs are service-specific and vary among carriers. Whether an SLA is sufficient is a business decision. SLAs specify latency, availability, Mean Time to Repair (MTTR) other technical performance requirements, and may include customer reporting obligations, escalation procedures, and billing credits for outages. Invariably, outage credits are nominal.  As a rule, the substance of SLAs is not negotiable, but the consequences of recurring SLA violations may be addressed, as discussed below.

The rates in the service pricing schedules are the carriers’ “rack rates.” A key element of the business deal is the negotiated rates for the desired services. These are included in attachments to the master agreement. The carriers routinely agree that the negotiated rates take precedence over rates in their pricing schedules.

Terms and Conditions (Master Agreement)

The legal terms and conditions that the enterprise has adopted for its template agreements are an appropriate baseline for assessing the legal terms and conditions of the carriers’ standard agreements. Negotiated provisions in cloud services agreements or collocation agreements may be relevant as well.

The termination right in most agreements for material breach has limited value in telecommunications services agreements. Problems tend to be service- or location-specific. An unplanned transition of hundreds of locations to a replacement carrier is not an optimum outcome for many customers. However problematic the service, connectivity to enterprise locations must be maintained. Persistent, significant billing or provisioning issues may warrant termination.

On the other hand, a tiered set of remedies that include a partial termination right is likely more helpful. Recurring SLA violations could trigger a carrier to conduct a root cause analysis and provide a remediation plan or a reprovisioning obligation for the affected service or customer location(s). If the problem persists, the customer should have the option to terminate the affected service(s). The incumbent carrier should be obligated to continue to deliver the problematic service, including any access component, for at least 90 days without charge, and the incumbent should be obligated to support the transition to another carrier’s replacement service.

Carriers limit their damages to an amount equal to the affected services or the negotiated minimum commitment securing cover damages is a challenge. As with partial terminations, a realistic transition period for continued service and support in migrating to replacement services should be part of any remedy for the carrier’s material breach of the agreement.

Customer preferences on dispute resolution (litigation or arbitration) and venue should be negotiated. Mutual disclaimers on consequential damages are standard. Choice of law may be a greater concern for agreements with substantial international and foreign services. An informal billing dispute process that precedes formal dispute resolution is recommended, as carrier billing systems and processes are often problematic.

SLAs are the service warranties—implied warranties of fitness for a particular purpose and merchantability are disclaimed. An intellectual property warranty is not routinely offered to customers. The carriers’ agreements often do include an intellectual property indemnity and may include personal injury and property damage indemnities, all of which warrant review by enterprise counsel.

A confidential Information provision should encompass information relating to the customer’s traffic and usage levels, network design, and any consolidated list of enterprise locations, even if not marked “Confidential.” The customer information provided in RFPs to carriers should be included within the scope of this provision. The carrier will likely insist that the agreement and negotiated pricing be kept confidential.

A less-obvious consideration is what happens at contract expiration. For enterprises with hundreds of locations, transitions entail monetary costs and operational challenges.  Existing services must remain until replacement services are provisioned to customer locations.  Generally, installed services remain in use until orders to disconnect are placed with the lame-duck carrier, but negotiated rates routinely revert to that carrier’s standard pricing schedule rates—increasing 50% or more at contract expiration. Thus, a clause is warranted to ensure reasonable end-of-contract transition support and price stability (contract rates remain in effect) for a defined period.

The Business Deal

Negotiated rates and charges are lower than rates in carriers’ pricing schedules and, preferably, are expressed as fixed rates, rather than percentage discounts of rates in pricing schedules. Carriers acknowledged negotiated rates take precedence over rates in pricing schedules. Non-recurring charges, principally provisioning costs, are often waived if the services remain in place for a defined period.

Carriers do not push aggressively for “exclusive service provider status.”  Customer preferences for an accountable service provider (or “one throat to choke”) and the integrated nature of enterprise voice and data services, coupled with the minimum expenditure commitment (either per year or for the contract term) often deliver a satisfactory outcome for a carrier. A customer’s failure to meet their minimum commitment typically triggers a shortfall payment obligation.

There are two other noteworthy pricing related provisions: (1) as noted above, a pricing review clause that requires at least one pricing review during a three-year term that allows the customer to call upon a reputable pricing consultant to assist in keeping rates at current market levels; and (2) a “business downturn” provision. This provision mitigates the risk of a substantial shortfall payment when a customer projects they are unlikely to meet their minimum expenditure commitment due to business slow-downs or a business unit sale or divestiture.

Other relevant non-pricing provisions are a customer option for one or two one-year renewal terms, as noted above; a technology review/upgrade clause, though drafting such a provision can be a challenge; and an account team support clause to ensure regular communications between enterprise staff and responsible carrier account team members.

© 2020 Keller and Heckman LLP
For more articles on enterprise telecommunications services agreements, visit the National Law Review Communications, Media & Internet section.

FDA in 2020: What a Year!

What a year for the Food and Drug Administration! FDA, an agency with regulatory oversight of 20-25% of products on which consumers spend, including food and medicines, but which typically stays out of the limelight, was thrust into the public eye amidst the COVID-19 pandemic. This was the year many Americans became familiar with lesser-known and niche policies like those governing emergency use authorizations (EUAs) and with the role of FDA in regulating laboratory developed tests (LDTs). The agency also took some flak for seeming to bow to political pressure in authorizing hydroxychloroquine for emergency use as a potential COVID-19 treatment, then rescinding the authorization, as well as for its less-than-accurate pronouncements of positive data concerning convalescent plasma treatment. These were reminders that the agency Americans trust to protect the public does get things wrong sometimes and is susceptible in some ways to political pressure, and that effectively ensuring the public health requires a balance between safety and effectiveness and patient access to medical products. As we look ahead, we eagerly anticipate how FDA will protect and promote public health in a Biden administration.

In this post we’ll explore the FDA’s device law and policy activities from 2020. A future post will cover drug and biologics law and policy.

COVID-19 Diagnostics

FDA and the Centers for Disease Control and Prevention (CDC) received a lot of mostly negative attention early in the COVID-19 pandemic for well-documented (including by us) missteps related to testing. Since then, there has been a significant increase in the number of tests authorized by FDA for point-of-care (POC) uses in various patient-care settings such as clinics, emergency departments, physicians’ offices, and outdoor or mobile COVID-19 testing sites. Additionally, some tests allow patients to collect samples at home, but those samples need to be sent to a lab for processing because there are no widely available FDA-authorized test kits to diagnose COVID-19 that can be used fully at home (i.e., for collection and processing). FDA did authorize a prescription test kit that allows for at-home collection and processing of samples to detect SARS-CoV-2 (the virus that causes COVID-19) in November 2020, but expectations are that it will not be available to the public until early 2021. And on December 9, the agency authorized the first non-prescription specimen collection kit, which the consumer then sends to a clinical lab for processing; should the lab’s testing results be positive or indeterminate, a physician contacts that consumer to advise him or her regarding next steps. Our prior posts go into great detail about the state of affairs of COVID-19 diagnostic testing; see here and here.

In addition to handling hundreds of EUAs relating to COVID-19 tests, FDA also developed a SARS-CoV-2 reference panel providing a standard baseline for test kit validation testing and began releasing performance testing results from manufacturers and clinical laboratories using the reference panel.

A key question remains: have COVID-19 testing capacity and capabilities advanced to the point of allowing the type of reopening of the country that many of us have desired since March? Sadly, our assessment is that while there have been impressive advances in COVID-19 diagnostic testing, we are still not seeing deployment of rapid, point-of-need tests that could be used at airports, stadia, or other public venues including many workplaces. Rather than testing, the Trump Administration’s focus has been on vaccines and other therapeutics.

Laboratory Developed Tests

In August 2020, the Department of Health and Human Services (HHS), in an unsigned statement posted on its website and not published in the Federal Register, barred FDA from requiring premarket review for any LDT, including those for COVID-19, unless FDA goes through formal rulemaking procedures. This was not terribly surprising because the Trump Administration’s posture toward regulating without clear authority (and sometimes even with it) had been well-understood as unwelcome. But the August action was simultaneously unsurprising and fairly insignificant because FDA had not been requiring LDT developers to submit their tests for premarket review and was deprioritizing review of EUA requests for COVID-19 LDTs in favor of traditional, kit-based in vitro diagnostics (IVDs) from commercial manufacturers.

Further, FDA has been a key partner to Congress and the laboratory community in designing a legislative framework for LDT oversight in recent years. That effort resulted in the introduction earlier this year of the Verifying Accurate and Leading-edge IVCT Development (VALID) Act, which we covered in prior posts, and which aims to reform the federal oversight regimes for both LDTs and IVDs. In November, the issue of FDA review of COVID-19 LDTs resurfaced again when HHS appeared to reverse itself by ordering FDA to review COVID-19 LDTs to assure that those tests could enjoy PREP Act protection.

From the events of this past year, it is clear that the regulatory framework and policies surrounding LDTs will be a prominent topic of debate in 2021. However, we expect there will be no quick resolution of these issues, either at a legislative or agency policy level, in the short term and that LDTs will likely remain in a gray area of FDA regulation and policy for the foreseeable future.

Digital Health

While COVID-19 is undoubtedly FDA’s top priority, the agency has taken actions to advance other policy and programmatic goals this year. In September, FDA announced the establishment of the Digital Health Center of Excellence, which is envisioned to be a multi-center effort for developing, coordinating, and implementing comprehensive, agency-wide digital health policies and programs. We explored this idea and noted some concerns in our previous post here. What’s important about this 2020 development is that, despite the current once-in-a-century public health emergency, FDA devoted what must be limited resources to laying the groundwork for the Digital Health Center of Excellence, suggesting that as we move into appropriations season and, perhaps more consequentially, the user fee negotiations, FDA will be prioritizing and seeking additional support for digital health.

510(k) & PMA Reform

In our 2019 year in review post for devices, we detailed significant proposed changes to the premarket notification (commonly known as “510(k)”) and premarket approval (PMA) pathways. With respect to 510(k)s, the optional Safety and Performance Based Pathway relies on comparisons of devices to criteria (like consensus standards) rather than the technological characteristics of a predicate device that is already on the market. The Safer Technologies Program builds on the Breakthrough Devices Program by enabling earlier and more frequent interactions with FDA for devices that may not meet the stringent breakthrough criteria, but which could still be beneficial for patients. FDA’s PMA proposal would allow a device to be marketed based on a demonstration of a reasonable assurance of safety only, with reasonable assurance of effectiveness needing to be demonstrated soon after marketing authorization (often referred to as “progressive” or “conditional” approval). This fairly substantial change to the PMA process would require Congress to amend the Federal Food, Drug, and Cosmetic Act.

Progress on implementing these proposals stalled due to the COVID-19 pandemic and two clouds now loom over them: the new administration and the question of which party will control the Senate. Senate Democrats have long been skeptical of FDA’s attempts to change the device regulatory model, fearing it is too industry-forward and lacks much-needed safety oversight. A new Biden-appointed FDA Commissioner may similarly be unenthusiastic about proposals that appear to make it easier to get products to market without thorough vetting. Pressure from a Democrat-controlled Congress on a Democratic administration would do little to help advance these proposals. FDA’s device program may, however, still benefit from a Democrat-controlled Senate in that Democrats may be more willing to fund the nascent National Evaluation System for health Technology (NEST), on which many of FDA’s plans for improved safety surveillance and premarket review rest. And we have yet to see the types of investments both Congress and industry will be making in the upcoming user fee reauthorization process.

Missed Deadlines

FDA’s Center for Devices and Radiological Health (CDRH), like other FDA organizational units, has statutory mandates, user fee commitments, and other self-imposed goals to meet, which include commitments to publish new regulations, make reports to Congress, draft or finalize guidance documents, and goals for completing premarket reviews for new medical devices. We have unfortunately seen CDRH miss some deadlines this year, which we hope is not a pattern of the center setting goals so lofty it cannot reasonably meet them, or of the center choosing to prioritize its own goals over those set by Congress.

For example, CDRH missed a statutory requirement in the 2017 Food and Drug Administration Reauthorization Act (FDARA) to issue a proposed regulation by August 2020 for over-the-counter (OTC) hearing aids. It has also repeatedly delayed publication of a draft guidance on the topic of medical device servicing and remanufacturing that has been on the priority guidance list since October 2018. The document appears on the FY 2021 priority guidance list as it did on the FY 2020 and FY 2019 lists, raising questions about whether it will actually be published this fiscal year. In addition, the center postponed a major guidance on clinical decision support software, which is also on the FY 2021 guidance priority list. CDRH also missed multiple deadlines over the past couple of years to issue a revised quality system regulation (QSR) that aligns with ISO 13485. While setting goals is, of course, the first step to achieving them, we wonder if FDA should take a (well-deserved, particularly in light of the extraordinary COVID-19 response effort) beat to catch up on some of these and other items before committing to more.

CDRH Director Jeff Shuren recently admitted that the diversion of FDA resources to processing EUA requests and creating policies and processes necessary to address the COVID-19 emergency did cause delays for many of the center’s other initiatives. Dr. Shuren has recently called for a reset in 2021 to refocus on CDRH’s priority projects, especially in the areas of digital health and 510(k) reform.

Stay tuned for our next post on FDA drug and biologics law and policy activities in 2020 and for more in 2021 on FDA activities related to COVID-19, user fees, and more.

©1994-2020 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.
For more articles on the FDA, visit the National Law Review Administrative & Regulatory section.

Simon says “Don’t Close Yours Stores in My Shopping Centers”

Simon Property Group is at it again. Two years ago, Simon took the shopping center world by storm when it obtained an injunction preventing Starbucks Corporation from shuttering 77 of its Teavana stores in Simon malls across the United States. While the Simon Property Group L.P. v. Starbucks Corporation decision gave shopping centers owners a moment of hope that they could prevent retailers from closing stores during the retail apocalypse, many shopping center professionals soon concluded that the court’s decision probably has little impact beyond the specific facts of that case. We analyzed that decision in our January 2018 article “Decaffeinated: Simon Property Group L.P. v. Starbucks Corporation Is Not a Fix for the Retail Apocalypse”. Undeterred by the narrow application of the Starbucks decision, Simon has once again taken aim at a retailer looking to close its stores in Simon malls.

In the recent decision Abercrombie and Fitch Stores, Inc. v. Simon Property Group, LP, Simon forced national retailer Abercrombie and Fitch to keep its doors open. In February 2019, Simon and Abercrombie began negotiating terms to renew 54 leases in Simon malls and to resolve a rent dispute. Most of the existing Abercrombie leases had expired or were set to expire soon. Simon and Abercrombie exchanged emails confirming the final deal terms for each location and agreeing that the parties would draft conforming documents. In the meantime, Abercrombie continued to operate in the leased spaces and it paid the rents due under the yet-to-be-drafted lease documents. Two months later – and only days before the COVID-19 pandemic stopped the world from spinning – Abercrombie sent Simon the Abercrombie-signed versions of the lease documents and encouraged Simon to have them executed “as quickly as possible.” Days later, Abercrombie closed all of its stores because of the COVID-19 pandemic, and Simon began sending its signed copies of the lease documents to Abercrombie in piecemeal. One day later, Simon closed all of its malls across the country due to the pandemic. That same day, Abercrombie attempted to retract its signatures on 42 of the lease documents citing “the current uncertainty regarding the impact of COVID-19.”

Simon promptly commenced suit seeking a declaratory judgment that the lease documents were valid and also seeking money damages and specific performance. Three weeks later, Abercrombie made clear its intent to permanently close its stores subject to the Simon agreements. Simon responded by seeking a temporary restraining order to prevent Abercrombie from permanently closing these locations. The trial court agreed with Simon, and Abercrombie appealed.

The purpose of a temporary restraining order is to maintain the status quo. One compelling fact in the Starbucks decision was that each of the Teavana stores was open and operating at the time the court entered its injunction preventing any closures, such that the status quo was maintained. In the Abercrombie decision, however, Abercrombie had closed its stores before Simon sought an injunction. Abercrombie argued that compelling it to reopen these stores was an “improper mandatory injunction” and would make Abercrombie take action and engage in conduct that it was not already doing (i.e. re-open and operate in nearly 50 Simon malls). The court disagreed, explaining that the parties had been performing under the pending agreements for nearly two months before COVID-19 temporarily shut down Simon’s malls; yet, Abercrombie decided to close its stores permanently. The injunction did not compel Abercrombie to re-open its stores in defiance of temporary closure orders imposed by state or local governments; the injunction merely prohibited Abercrombie from closing its stores permanently. While this explanation focuses on a distinction without a difference – Abercrombie’s stores were closed, whether because of the COVID-19 pandemic or an Abercrombie business decision – the court reasoned that the status quo is determined as of “last, actual, peaceful, and non-contested status which preceded the pending controversy.” The last, actual, peaceful, and non-contested status between Simon and Abercrombie existed before the COVID-19 pandemic forced Simon to close its malls, when Abercrombie was still operating in Simon’s malls.

Although many shopping centers have seen tenants try to use the COVID-19 pandemic as a shield against their lease obligations, the Abercrombie decision is one of the few instances where the pandemic has actually benefitted a shopping center owner. The court did not say whether Simon would have been denied an injunction in the absence of COVID-19, but the court’s distinction between a temporary closure and a permanent one and the timing of determining the status quo hints that the result might have been different Abercrombie had closed its stores before COVID-19 plagued the United States.

The Abercrombie decision is important for another reason as well. In each of its transmittals to Abercrombie, Simon’s correspondence stated, “to be enforceable by or against a party, a final agreement between the parties must also be written and signed by both parties.” Attorneys use this type of language in negotiations all the time, seeking to avoid being bound to a deal until the ink is dry. Abercrombie seems to have argued that it was not bound to any lease document that Simon had not countersigned by the time Abercrombie retracted its signatures. The court disagreed with Abercrombie here too, explaining that “absolute certainty of all contract terms is not required for a contract to be enforceable.” The parties must only agree to the essential terms. Simon and Abercrombie had confirmed all the essential terms of each lease in email correspondence and memorialized that negotiations were complete long before the leases were drafted.

Additionally – and critically – “the parties’ performance under an agreement will amount to an unambiguous and overt admission by both parties that a contract existed.” Abercrombie kept operating its stores and started to pay – and Simon accepted – the rent due under each of these yet-to-be-drafted leases. Abercrombie also made the settlement payment to resolve the rent dispute. Under these facts, the court concluded that Simon presented prima facie evidence of enforceable agreements and did not hold Simon to its self-serving language that there would be no deal until the parties actually signed the documents. The Abercrombie decision is a cautionary tale for practitioners and business people alike: substance will (and should) prevail over form. If the parties act like an agreement exists, a court may find that one actually does exist. Had the court enforced Simon’s disclaimer, Abercrombie may very well have been free to close its stores in Simon’s malls.

Just as the Starbucks decision is limited by the specific facts in that case, the Abercrombie decision is similarly narrow. It does not empower shopping center owners to force their tenants to remain open and operating under all circumstances. It is, however, another Simon-led example of how shopping center owners are pushing back against retailers. Shopping center owners and retailers alike should take note.

© Polsinelli PC, Polsinelli LLP in California
ARTICLE BY David P. Vallas and  Kelly D. Stohs
of Polsinelli PC
For more articles on malls, visit the National Law Review Corporate & Business Organizations section.

CNIL Fines Google and Amazon 135 Million Euros for Alleged Cookie Violations

On December 10, 2020, the French Data Protection Authority (the “CNIL”) announced that it has levied fines of €60 million on Google LLC and €40 million on Google Ireland Limited under the French cookie rules for their alleged failure to (1) obtain the consent of users of the French version of Google’s search engine (google.fr) before setting advertising cookies on their devices; (2) provide users with adequate information about the use of cookies; and (3) implement a fully effective opt-out mechanism to enable users to refuse cookies. On the same date, the CNIL announced that it has levied a fine of €35 million on Amazon Europe Core under the same rules for its alleged failure to (1) obtain the consent of users of the amazon.fr site before setting advertising cookies on their devices; and (2) provide adequate information about the use of cookies.

Background

The French cookie rules are laid down in (1) Article 82 of the French Data Protection Act, which implements into French law the provisions of the EU ePrivacy Directive governing the use of cookies; and (2) soft law instruments aimed at guiding operators in implementing Article 82 of the French Data Protection Act in practice.

While the provisions of Article 82 of the French Data Protection Act have remained unchanged, the CNIL revised its soft law instruments to take into account the strengthened consent requirements of the EU General Data Protection Regulation (“GDPR”). On July 18, 2019, the CNIL published new guidelines on the use of cookies and similar technologies (the “Guidelines”). The Guidelines repealed the CNIL’s 2013 cookie recommendations that were no longer valid in light of the GDPR’s consent requirements. The Guidelines were to be complemented by recommendations on the practical modalities for obtaining users’ consent to set or read non-essential cookies and similar technologies on their devices (the “Recommendations”). On October 1, 2020, the CNIL published a revised version of its Guidelines and its final Recommendations. The CNIL announced that it would allow for a transition period of six months to comply with the new cookie law rules (i.e., until the end of March 2021), and that it would carry out inspections to enforce the new rules after that transition period. However, the CNIL made clear that it reserves the right to take action against certain infringements, especially in cases of particularly serious infringements of the right to privacy. In addition, the CNIL announced that it would continue to investigate infringements of the previous cookie law rules.

Against that background, on December 2019, March 6 and May 19, 2020, the CNIL carried out three remote inspections of the amazon.fr website and an onsite inspection at the premises of the French establishment of the Amazon group, Amazon Online France SAS. On March 16, 2020, the CNIL also carried out a remote inspection of the google.fr site. These inspections aimed to verify whether Google LLC and Google Ireland Limited and Amazon Europe Core complied with the French Data Protection Act, and in particular with its Article 82, when setting or reading non-essential cookies on the devices of users living in France who visited google.fr and amazon.fr websites. In its press releases, the CNIL stressed that its sanctions against Google and Amazon punished breaches of obligations that existed before the GDPR and are not part of the obligations clarified by the new Guidelines and Recommendations.

CNIL’s Jurisdiction Over Google Ireland Limited’s and Amazon Europe Core’s Cookie Practices

Google and Amazon challenged the jurisdiction of the CNIL arguing that (1) the cooperation mechanism of the GDPR (known as the one-stop-shop mechanism) should apply and the CNIL is not their lead supervisory authority for the purposes of that mechanism; and (2) their cookie practices do not fall within the territorial scope of the French Data Protection Act. Pursuant to Article 3 of the French Data Protection Act, it applies to the processing of personal data carried out in the context of the activities of an establishment of a data controller (or data processor) in France. In that respect, Amazon argued that its French establishment was not involved in the setting of cookies on the amazon.fr site and that there is no inextricable link between the activities of the French establishment and the setting of cookies by Amazon Europe Core, the Luxembourg affiliate of the Amazon group, responsible for the European Amazon websites, including the French site. Google argued that, because the one-stop-shop mechanism should apply, its Irish affiliate, Google Ireland Limited, is the actual headquarters of the Google group in Europe and thus its main establishment for the purposes of the one-stop-shop mechanism. Accordingly, the Irish Data Protection Commissioner would be the only competent supervisory authority.

Inapplicability of the One-Stop-Shop Mechanism of the GDPR

In the initial version of its Guidelines, the CNIL made clear that it may take any corrective measures and sanctions under Article 82 of the French Data Protection Act, independently of the GDPR’s cooperation and consistency mechanisms, because the French cookie rules are based on the EU ePrivacy Directive and not the GDPR. Unsurprisingly, therefore, the CNIL rejected the arguments of Google and Amazon, considering that the EU ePrivacy Directive provides for its own mechanism, designed to implement and control its application. Accordingly, the CNIL concluded that the one-stop-shop mechanism of the GDPR does not apply to the enforcement of the provisions of the EU ePrivacy Directive, as implemented under French law.

To prevent such a situation in the future and ensure consistent interpretation and enforcement of both sets of rules, the European Data Protection Board (the “EDPB”) has called for the GDPR’s cooperation and consistency mechanism to be used for the supervision of the future cookie rules under the ePrivacy Regulation, which will replace the ePrivacy Directive. The CNIL did not wish to pre-empt this future development, and applied the relevant texts literally in its cases against Google and Amazon.

CNIL’s Territorial Jurisdiction

 The CNIL, citing the rulings of the Court of Justice of the European Union in the Google Spain and Wirtschaftsakademie cases, took the view that the use of cookies on the French site (google.fr and amazon.fr respectively) was carried out in the context of the activities of the French establishment of the companies, because that establishment promotes their respective products and services in France.

Controllership Status of Google LLC

Following his investigation, the Rapporteur of the CNIL considered that Google Ireland Limited and Google LLC are joint controllers in respect of the processing consisting in accessing or storing information on the device of Google Search users living in France.

Google argued that Google Ireland Limited is solely responsible for those operations and that Google LLC is a processor. Google stressed that (1) its Irish affiliate participates in the various decision-making bodies and in the different stages of the decision-making process implemented by the group to define the characteristics of the cookies set on Google Search; and (2) differences exist between the cookies set on European users’ devices and those set on the devices of other users (e.g., shorter retention periods, no personalized ads served to children within the meaning of the GDPR, etc.), which demonstrate the decision-making autonomy of Google Ireland Limited.

In its decision, the CNIL found that Google LLC is also represented in the bodies that adopt decisions relating to the deployment of Google products within the European Economic Area and in Switzerland, and to the processing of personal data of users living in those regions. The CNIL also found that Google LLC exercises a decisive influence in those decision-making bodies. The CNIL further found that the differences in the cookie practices were just differences in implementation, mainly intended to comply with EU law. According to the CNIL, those differences do not affect the global advertising purpose for which the cookies are used. In the CNIL’s view, this purpose is also determined by Google LLC, and the differences invoked by Google are not sufficient to demonstrate the decision-making autonomy of Google Ireland Limited. In addition, the CNIL found that Google LLC also participates in the determination of the means of processing since Google LLC designs and builds the technology of cookies set on the European users’ devices. The CNIL concluded that Google LLC and Google Ireland Limited are joint controllers.

Cookie Violations

Setting of advertising cookies without obtaining the user’s prior consent

The CNIL’s inspection of the google.fr website revealed that, when users visited that site, seven cookies were automatically set on their device. Four of these cookies were advertising cookies.

In the case of Amazon, the investigation revealed that, whenever users first visited the home page of the amazon.fr website or visited the site after they clicked on an ad published on another site, more than 40 advertising cookies were automatically set on their device.

Since advertising cookies require users’ prior consent, the CNIL concluded that the companies failed to comply with the cookie consent requirement of Article 82 of the French Data Protection Act.

Lack of adequate information provided to users

When the CNIL inspected the google.fr website, the CNIL found that an information banner was displayed at the bottom of the page, with the following note: “Privacy reminder from Google,” and two buttons: “Remind me latter” and “Access now.” According to the CNIL, the banner did not provide users with information regarding the cookies that were already set on their device. Further, that information was also not immediately provided when users clicked on the “Access now” button. Google amended its cookie practices in September 2020. However, the CNIL found that the new pop-up window does not provide clear and complete information to users under Article 82 of the French Data Protection Act. In the CNIL’s view, the new pop-up window does not inform users of all the purposes of the cookies and the means available to them to refuse cookies. In particular, the CNIL found that the information provided to users does not enable them to understand the type of content and ads that may be personalized based on their behavior (e.g., whether this is geolocation-based advertising), the precise nature of the Google services that use personalization, and whether this personalization is carried out across different services. Further, the CNIL found that the terms “options” or “See more” in the new window are not explicit enough to enable users to understand how they can refuse cookies.

When inspecting the amazon.fr website, the CNIL found that the information provided to users was neither clear, nor complete. The cookie banner displayed on the site provided a general and approximate description of the purposes of the cookies (“to offer and improve our services”). Further, according to the CNIL, the “Read more” link included in the banner did not explain to users that they could refuse cookies, nor how to do so. The CNIL found that Amazon Europe Core’s failure to provide adequate information was even more obvious in the case of users visiting the site after they had clicked on an ad published on another site. In this case, no information was provided to them.

Opt-out mechanism partially defective

In the case of Google, the CNIL also found that, when a user deactivated the ad personalization on Google Search by using the mechanism available from the “Access now” button, one of the advertising cookies was still stored on the user’s device and kept reading information destined for the server to which the cookie was attached. The CNIL concluded that the opt-out mechanism was partially defective.

CNIL’s Sanctions

In setting the fines in both cases, the CNIL took into account the seriousness of the breaches of Article 82 of the French Data Protection Act, the high number of users affected by those breaches, and the financial benefits deriving from the advertising income indirectly generated from the data collected by the advertising cookies. Interestingly, in the case of Google, the CNIL cited a decision of the French Competition Authority and referred to Google’s dominant position in the online search market.

In both cases, the CNIL noted that the companies amended their cookie practices in September 2020 and stopped automatically setting advertising cookies. However, the CNIL found that the new information provided to users is still not adequate. Accordingly, the CNIL ordered the three companies to provide adequate information to users about the use of cookies on their respective sites. The CNIL also ordered a periodic penalty payment of €100,000 (i.e., the maximum amount permitted under the French Data Protection Act) for each day of delay in complying with the injunction, commencing three months following notification of the CNIL’s decision in each case.

The CNIL addressed its decisions to the French establishment of the companies in order to enforce these decisions. The companies have four months to appeal the respective decision before France’s highest administrative court (Conseil d’Etat).

Read the CNIL’s decision against Google LLC and Google Ireland Limited and the CNIL’s decision against Amazon Europe Core (currently available only in French).

Copyright © 2020, Hunton Andrews Kurth LLP. All Rights Reserved.

 

ARTICLE BY Hunton Andrews Kurth’s Privacy and Cybersecurity

 

For more articles on Google, visit the National Law Review Communications, Media & Internet section.

“Hope Is On The Horizon”: California Governor Gavin Newsom Announces COVID-19 Vaccine Distribution Plan

N.B.  Concurrent with the posting of this article, the Vaccines and Related Biological Products Advisory Committee of the Food and Drug Administration (“FDA”) has decided to recommend to the FDA that the FDA approve the emergency use authorization applications submitted by Pfizer and BioNTech.  It is being reported that the FDA may formally approve the applications as soon as tomorrow, Friday, December 11, 2020.  More detail regarding the recommendation and the FDA’s decision will be discussed in a follow-up article.

California Governor Gavin Newsom announced that, “Hope is on the horizon with the [COVID-19] vaccination. We continue to accelerate our planning and preparedness for a safe and equitable vaccine distribution.”  As noted by the Governor, California expects to receive a little more than two million doses of the vaccine this month including 327,000 doses from pharmaceutical company, Pfizer, and 2.6 million doses from biotechnology maker, Moderna.

Now that there are estimated dates of delivery for both Pfizer’s and Moderna’s COVID-19 vaccines and it appears that the FDA – possibly as soon as tomorrow, Friday, December 11, 2020 – will be granting an emergency use authorization to Pfizer and BioNTech for the distribution of their COVID-19 vaccines based upon today’s recommendation from the FDA’s Vaccines and Related Biological Products Advisory Committee, California’s vaccine distribution plan (“Plan”) has claimed the public spotlight.

The following reviews California’s vaccine distribution strategy and highlights the populations receiving priority status for vaccination with the first round of vaccine doses scheduled to be delivered to California this month.

CALIFORNIA’S VACCINE DISTRIBUTION PLAN AND ALLOCATION GUIDELINES FOR COVID-19 VACCINE

During a December 3, 2020 online press conference, Governor Newsom described California’s “COVID-19 Vaccine Distribution Plan” (the “Plan”) and the California Department of Public Health (“CDPH”) “Allocation Guidelines for COVID-19 Vaccine During Phase 1A”  (the “Allocation Guidelines”) as putting healthcare workers[1] and vulnerable patient populations at the front of the line for vaccination.

A. Vaccination Priorities: A Tiered Vaccine Distribution Blueprint

According to the Allocation Guideline’s tiered vaccine distribution blueprint, vaccines will first be provided to (i) residents of skilled nursing facilities, assisted living facilities, and similar long-term care settings for older or medically vulnerable individuals; and (ii) healthcare workers who come into direct contact with patients positive for COVID-19 and those at the highest risk of exposure – e.g., paramedics, emergency medical technicians, and healthcare workers at acute care, correctional and psychiatric hospitals and nursing homes.  Next, healthcare workers in intermediate care facilities, home settings, and primary care clinics (e.g., federally qualified health centers, rural health centers, correctional facility clinics, and urgent care clinics) will be given access to the vaccine.  Finally, the Allocation Guideline’s “third tier” healthcare workers in less risky healthcare settings – e.g., dental offices, laboratories, and specialty clinics – will be eligible for vaccination.

Once vaccine is distributed to healthcare workers based upon the foregoing priority categories, the Plan directs the State to broaden vaccination access to other groups including essential workers – e.g., farm laborers, police officers, child care staff and teachers – and communities at increased risk of COVID-19, including minority communities disproportionately affected by COVID-19.  During a November 23, 2020 press conference, Governor Newsom said, “mass vaccinations are unlikely to occur anytime soon. For the back of the envelope purposes, March, April, May, June, July, where we start to scale, and we start getting into the subsequent phases (of vaccine distribution).”

B. Distribution Of Vaccine – The Mechanics.

According to the Plan, the State-wide distribution of vaccine will be based upon a multi-level and multi-step process designed to promote the equitable distribution of the vaccine and to protect, “California’s critical and vulnerable populations, especially during the early phases when vaccine supply will be limited.” See, Plan, pg. 35.

As outlined by Governor Newsom during his December 3, 2020 press conference, California’s distribution process is comprised of six distinct steps as set forth below:

Step One

Enroll Vaccine Providers and Establish Allocation Guidelines.  The first step involves enrolling healthcare providers to conduct vaccinations and developing guidelines for the allocation of the initial 327,000 doses of Pfizer’s vaccine among six vaccine regions.  As established by CDPH, the six regions and their respective allocation of Pfizer vaccine doses are as follows:

  1. Region I (126,750):  Los Angeles, Orange, San Diego, San Luis Obispo, Santa Barbara, Ventura;

  2. Region II (80, 497):  Alameda, Contra Costa, Del Norte, Humboldt, Lake, Marin, Mendocino, Monterey, Napa, San Benito, San Francisco, San Mateo, Santa Clara, Shasta, Solano, Sonoma;

  3. Region III (8,592):  Butte, Colusa, Glenn, Lassen, Modoc, Plumas, Santa Cruz, Sierra, Siskiyou, Sutter, Tehama, Trinity, Yuba;

  4. Region IV (35,145):  Alpine, Amador, Calaveras, El Dorado, Nevada, Placer, Sacramento, San Joaquin, Stanislaus, Tulare, Tuolumne, Yolo;

  5. Region V (16,706):  Fresno, Kern, Kings, Madera, Mariposa, Merced; and

  6. Region VI (59,910): Imperial, Inyo, Mono, Riverside, San Bernardino.

As noted above, the Allocation Guidelines were adopted and distributed by the CDPH on December 5, 2020.  In addition, the CDPH has identified the following hospitals as participating in the vaccination process: Cedars Sinai Medical Center, Los Angeles; Mercy Medical Center, Redding; Rady Children’s Hospital, San Diego; UCD Health, Sacramento; UCSF Medical Center, San Francisco; Valley Children’s Healthcare, Madera; and Zuckerberg San Francisco General Hospital.[2]  According to CDPH, these facilities were chosen based on their ultra-cold storage capabilities, as the Pfizer vaccine must be stored in negative 80-degree freezers, at large “highest-risk” healthcare population and/or their willingness to redistribute vaccines outside their facility and network. The final criteria was one of geography, as the Department said these places were chosen to be spread across the state as evenly as possible.[3]

Step Two

Review Vaccine Orders Submitted by Local County Departments of Health.  Under the Plan, local county departments of health are obligated to submit distribution plans for their respective geographic regions.  Such plans must include various elements including a description of the region’s “vaccine administration capacity” – such capacity being determined based upon multiple factors including the number of registered vaccination providers in the region; the number of “point of dispensing” (“POD”) sites available to vaccinate emergency responders and critical infrastructure personnel in the region; and the COVID-19 vaccine storage capacity at each POD.

Steps Three and Four

Local County Orders.  Steps 3 and 4 involve the process of preparing and filling of the local county orders.

Step Five

Vaccine Delivery Logistics.  Shipping companies like UPS and FedEx will drop off the vaccine to hospitals and vaccine providers who already have approved cold-chain storage units. To increase storage capacity, the State has purchased additional cold storage units for providers to use.

Step Six

Vaccine Administration.  Once again, the 327,000 Pfizer vaccine doses will be distributed and administered in accordance with the Allocation Guidelines as described above. As explained by Governor Newsom, notwithstanding the initiative of the vaccination process, mask and social distancing rules will remain in place.  Over time, this will change; however, as an initial matter, it is still unclear as to whether vaccinated individuals are still capable of spreading the virus to others.

A CLOSER LOOK:  VACCINE DISTRIBUTION CHALLENGES.

As noted above, the execution of the Plan and the delivery of vaccine to the priority populations identified in the Allocation Guidelines fall on the shoulders of the local county departments of health. Although each county will experience its own unique challenges during the vaccination process – such challenges could vary significantly from one county to the next given the extreme demographic, geographic and other differences between the counties – experts have identified certain common challenges that will likely create significant hurdles for all counties to overcome.

1. “Colder than Winter in Antarctica.”

As has been widely reported and discussed, the Pfizer vaccine needs to be kept extremely cold: minus 70 degrees Celsius, which is, “colder than winter in Antarctica.”[4]  By contrast, Moderna has said that its vaccine needs to be frozen too, but only at minus 20 Celsius, more like a regular freezer.[5]

Given the need to maintain the Pfizer vaccine at ultra-low temperatures, the storage and transportation of the vaccine presents significant logistical challenges.  In order to meet this challenge, counties and healthcare providers in California and elsewhere have been scrambling to get their hands on ultra-cold freezers.  For example, in the case of Los Angeles County (“LAC”), the LAC Department of Public Health purchased five ultra-cold freezers in addition to three from the State and eight purchased by the LAC Department of Health Services.  These 16 freezers will be placed in strategic locations across LAC; however, the eight LAC Department of Health Services freezers will be dedicated to staff and patients at the LAC’s four public hospitals and 27 health clinics.

2. Multi-Dose Vaccines and Compliance Challenges.

In addition to the cold storage and transportation challenges described above, both the Moderna and the Pfizer vaccines present significant challenges as multi-dose vaccines – i.e., vaccines that require more than one dose to reach maximum effectiveness.

Multi-dose vaccines present a number of challenges that will likely complicate the vaccination process.  For example, vaccines with two-dose regimens will require careful tracking of doses and follow up with each individual receiving the vaccine to ensure they receive the same vaccine, with the second dose given at the proper time.[6]  The CDC and local jurisdictions are in the process of implementing a new vaccine tracking system to monitor COVID-19 vaccine administration and help with multiple dose tracking, but it is unclear if, or how, the new system will integrate with existing immunization information systems.[7]

In addition to the technical/logistical challenges posed by multi-dose vaccines, research has shown that many patients who receive their first dose of a multi-dose vaccine often fail to return for their second dose.  For example, studies conducted in both the US and UK on the hepatitis B vaccine — which, like the Pfizer and Moderna Covid-19 vaccines, is supposed to have around a one-month period between the first and second doses — found that roughly 50% of patients failed to get their follow-up shot within a year after their first.[8]   By failing to obtain the second dose, a patient may experience little or no protective effect from the vaccine.  Therefore, to the extent that the goal of vaccination in this case is to bring the current public health emergency to an end, the public will need to be educated as to why the second dose of the vaccine is as much an imperative as the first dose.  For this reason, many have argued that public education is an indispensable element of any successful vaccination plan.

We will continue to monitor State and local implementation of the Plan, the Allocation Guidelines, and the general progress of California’s efforts to distribute vaccine in California.

This article is not an unequivocal statement of the law, but instead represents our best interpretation of where things currently stand.  This article does not address the potential impacts of the numerous other local, state and federal orders that have been issued in response to the COVID-19 pandemic, but which are not referenced in this article.

FOOTNOTES

[1]  As described in the Allocation Guidelines, the term “healthcare worker” includes both clinical personnel and non-clinical personnel at “direct risk of exposure in their non-clinical roles, such as, but not limited to, environmental services, patient transport, or interpretation.”  See, Allocation Guidelines, pg. 1.

[2] “Here’s where COVID-19 vaccines will be stored and distributed in California,” by Andie Judson, KXTV-TV (December 4, 2020) at https://www.abc10.com/article/news/health/coronavirus/heres-where-covid-….

[3] Id.

[4] “Why Does Pfizer’s COVID-19 Vaccine Need to be Kept Colder than Antarctica?” by S. Simmons-Duffin, Morning Edition, National Public Radio (November 17, 2020) at https://www.npr.org/sections/health-shots/2020/11/17/935563377/why-does-…

[5] Id.

[6] “Distributing a COVID-19 Vaccine Across the U.S. – A Look at Key Issues” by J.M. Follow and J.K. Follow, Kaiser Family Foundation (October 20, 2020) at https://www.kff.org/report-section/distributing-a-covid-19-vaccine-acros…

[7] Id.

[8] “Compliance with multiple-dose vaccine schedules among older children, adolescents, and adults: results from a vaccine safety datalink study,” by Nelson JC, Bittner RC, Bounds L, et al., Am J Public Health. 2009;99 Suppl 2(Suppl 2):S389-S397 at https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4504385/.

Copyright © 2020, Sheppard Mullin Richter & Hampton LLP.
For more articles on the coronavirus vaccine, visit the National Law Review Coronavirus News section.

Madison Takes ‘Pot’shot at Wisconsin, Joins Growing List of Municipalities to Decriminalize Cannabis

In November 2020, the Common Council for the City of Madison, Wisconsin, passed ordinances decriminalizing the possession and use of small amounts of cannabis or cannabis derivatives within city limits. With those ordinances, which became effective on Friday, December 4, 2020, Madison joins a number of other Wisconsin municipalities that have decriminalized the possession and use of marijuana in some form or fashion. One alderman called the decriminalization long overdue, adding that it was “preposterous and outrageous” that the Wisconsin State Legislature had not moved to legalize and regulate cannabis as have many other states across the country.

According to the “drafter’s analysis” of Section 23.20 of the Madison General Ordinances as amended, an individual 18 years of age or older may possess or consume up to 28 grams of medically prescribed cannabis or cannabis derivatives if he or she “has a prescription for said possession.” The ordinance allows an individual to “consume cannabis or cannabis derivatives on private property with the permission of a person who is lawfully on the property or on public property with the permission of the owner, landlord or tenant.”

The ordinance does not apply to state-owned property, nor does it permit marijuana smoking where cigarette smoking is prohibited by Wisconsin’s ban on indoor smoking.

Unlike some of the marijuana legislation across the country, Madison’s decriminalization rules do not contain specific employment protections. As such, employers can still prohibit employees from possessing, using, and being under the influence of marijuana at worksites in Madison. Further, the possession and use of marijuana is still prohibited by federal law. Thus, although off-duty possession and use of marijuana may be legal at the local level in Madison, it does not entitle the individual to protection from employment discrimination under Wisconsin’s lawful products statute.

Nevertheless, it is possible for issues related to marijuana use to trigger employment law protections. Under the Wisconsin Fair Employment Act (WFEA), for example, individuals convicted of crimes, including drug-related offenses, cannot be excluded from employment on that basis unless the facts and circumstances of their crimes substantially relate to the jobs for which they are employed (or are applying). Further, the WFEA and the Americans with Disabilities Act distinguish between current use of illegal drugs, which is generally not protected, and drug addiction, which is a disability for which discrimination is prohibited and reasonable accommodation can be required.

Madison’s ordinances became effective on the same day that the United States House of Representatives passed the Marijuana Opportunity Reinvestment and Expungement (MORE) Act of 2019 (H.R. 3884), a historic, but largely symbolic, bill to decriminalize marijuana at the federal level. While the U.S. Senate is not expected to follow suit, the House’s passage of H.R. 3884 is further indication that public sentiment regarding marijuana is changing. Indeed, during the November 2020 election, all six state ballot initiatives to legalize marijuana passed—four for recreational use (Arizona, Montana, New Jersey, and South Dakota), and two for medical use (Mississippi and South Dakota).

Employers may want to monitor these developments at the federal, state, and local levels, and adjust their policies and procedures accordingly.

© 2020, Ogletree, Deakins, Nash, Smoak & Stewart, P.C., All Rights Reserved.
For more articles on cannabis, visit the National Law Review Biotech, Food, Drug section.

Consumer Product Safety Advocates Pen Memorandum to Biden Transition Team Foreshadowing Push for More Active and Aggressive CPSC

For years consumer product safety advocate groups have bemoaned the seeming lack of aggressiveness from the Consumer Product Safety Commission (“CPSC”). As an example, they complain that the CPSC levied no civil penalties on companies in 2020, 2 in 2019, and only 1 in 2018, penalties being a surrogate in their minds for enforcement. As counsel for many companies, we know that this is not the case and CPSC compliance activity has remained vigorous. But perhaps the ongoing criticisms led Acting Chairman Robert Adler to publicly announce in mid-November the CPSC’s recent vote to refer a case to the DOJ for prosecution of a civil penalty.

With the Commission evenly split 2-2 between Democrats and Republicans, and the incoming Biden administration only one month away, in early November seven industry groups penned a memorandum to the Biden Transition Team to advocate for greater power for, and greater use of existing power, by the agency. This is an important message because these leading advocates may well populate the Commission at high levels in the next few years.

The people who signed the document are capable and well intentioned. We share their goals for a strong, more effective CPSC but we question their proposed remedies. The Agency has a wealth of statutory authorities at its disposal. It just needs the resources, financial and technological, to better use them as well as a greater focus on priority areas. In this post, we will focus on the general, non product-specific proposals except to note that furniture and juvenile products are top of the list.

The memorandum, published on November 11th, was signed by leaders of the American Academy of Pediatrics, Consumer Federation of America, Consumer Reports, Cuneo Gilbert & LaDuca, Kids In Danger, Public Citizen, and U.S. Public Interest Research Group (PIRG). Among the many actions advocated in the memo, the groups included a plea to the Biden Administration to utilize the CPSC to:

  • File more formal administrative or legal complaints to seek recalls (although we note that the  voluntary approach is far more effective and less resource intensive);
  • Make more frequent public preliminary determinations that corrective action will be warranted (without recognizing the legal requirements for findings and due process to justify this commercially devastating action);
  • “[R]everse the current trend and go back to imposing meaningful civil penalties on corporate violations of consumer product safety law” (without recognizing the real world deterrent effect of the threat of any penalties for public-facing companies.)

Section 6(b) still the Misunderstood Villain Subject to Much False News

Perhaps one of the most controversial CPSC-related statutory provisions is Section 6(b) of the Consumer Product Safety Act (“CPSA”). The section requires the CPSC to take reasonable steps to ensure that disclosure of information identifying a specific product, manufacturer, or private labeler, is accurate, fair in the circumstances, and reasonably related to effectuating the purpose of the CPSA and related laws. Information voluntarily submitted to the Commission under Section 15 (reports of potentially defective or unsafe products) is shielded from disclosure, even from FOIA requests, without the agency first going through procedural mechanisms to ensure release of the information doesn’t run afoul of 6(b). This provision resulted from unfair and devastating harm to companies from unjustified public condemnations and announcements by CPSC.

There is no known evidence to support the claim that the CPSC has been prevented by law from disclosing important information about unsafe products. The law provides for accelerated disclosures where justified. Nevertheless, consumer advocates have for years put forward the rallying cry that manufacturers have a veto over CPSC’s release of information that harms the public. The advocates’ memo calls for Congress to repeal Section 6(b). Absent such a bill, the advocates call for clarification that Section 6(b) does not extend to records released under FOIA, which currently runs contra to Supreme Court precedent from 1980.1

The memorandum also calls for significantly less reliance on consensus standards as both the basis for compliance action and regulatory action. Cost-benefit analysis would be downgraded (even though it is a hallmark of the Clinton and Obama Administrations.) These proposals are fraught with problems and fail to recognize that globally the product safety system has as its essential underpinning consensus standards, which results in a very safe consumer product ecosystem in the United States.

Finally, the advocates state that CPSC is woefully underfunded, given the incredibly important mission of consumer protection. Many CPSC observers share this sentiment. The memo calls for a drastic expansion of the agency, and increased budget for the CPSC.2 In fact, the memo advocates for a doubling of CPSC appropriations, an impractical request.

What This Means: Aggressive Advocacy and Activity Inside and Outside the Agency  

For those regularly following the CPSC, the issues discussed in the advocates’ memorandum with great passion are nothing new. What changes, however, is the context. While Senate Leadership has been unable to confirm a third Republican commissioner nominee or a Chairman nominee with the failed attempts to confirm Ann Marie Buerkle and Nancy Beck (thus far), the Commission sits at a 2-2 position. Bob Adler, an Obama appointee, has been acting Chairman for over one year, allowing for an essentially Democratic-controlled agency under a Republican administration except for the deadlock on most regulatory actions. We will eventually see who gets nominated by the Biden administration and whether eventual new leadership will implement and advocate on the inside for the positions advocated to the Transition Team.

One can safely presume that the CPSC will be far more aggressive in the coming years. Companies would be well-served to protect themselves by ensuring their houses are in order—effective safety procedures in place up and down the supply chain.

Consumer Product Safety Commission v. GTE Sylvania, Inc., 447 U.S. 102 (1980).

CPSC requested a budget of $135 million for FY 2021.

©1994-2020 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.
For more articles on the CPSC, visit the National Law Review Consumer Protection section.

In the News: Can Employers Require the COVID-19 Vaccine?

From when one will be available in the United States to where you may fall in the priority line, COVID-19 vaccines are dominating the news cycle right now. Unsurprisingly, a common question from employers has emerged: can we require employees to obtain a COVID-19 vaccine before returning to work?

In short, it depends

Because the EEOC has not issued guidance specific to the COVID-19 vaccine (not yet, anyway), its past guidance concerning whether an employer may require employees to get a flu vaccine is helpful. Generally, employers can require employees to receive a vaccine before returning to work, but there are a couple of caveats.

First, employees may be entitled to an exemption from a mandatory vaccination requirement, so it is important for employers to find out why an employee will not get the vaccine if asked to do so. An employee with (1) a covered disability or (2) a sincerely held religious belief, practice, or observance that prevents the employee from taking the vaccine may need to be excused from this requirement as a reasonable accommodation unless it will present undue hardship. For employers considering denying an accommodation based on undue hardship, it would be prudent to consult with your employment lawyer before doing so. Accommodation issues stemming from COVID-19, work from home, and administration of the COVID-19 vaccine are likely to continue to plague employers for the next couple of years (at least), so getting ahead of this issue is key.

Second, and practically speaking, it remains to be seen when vaccinations will start in the United States and, even then, how quickly vaccines will be commonly available for those who fall at the bottom of the priority line. In the meantime, employers should be considering whether a mandatory vaccination requirement is right for their workplace and, if so, when it will go into effect and the consequences for not complying (subject to the reasonable accommodation exemptions). What is right for each employer will depend on the workforce, the nature of the business, and many other factors.

So, what now?

With so many unknowns at this point, the best course of action is to plan ahead but remain flexible and wait to disseminate or implement any sort of policy or requirement. Take this opportunity to weigh the potential legal exposure of a mandatory vaccination requirement and consider whether a mandatory or voluntary (even if strongly encouraged) vaccination policy is appropriate based on the nature and needs of your business. Avoid a knee-jerk reaction; instead, balance workplace health and safety with employee rights and ensure those handling accommodation requests will be prepared. And if you have questions, consult your employment counsel before acting.

© 2020 Jones Walker LLP
For more articles on the COVID-19 vaccine, visit the National Law Review Coronavirus News section.

Getting the Most Out of Legal Rankings

It seems that every year, the legal rankings landscape gets just a little more crowded and a lot more confusing — but that doesn’t mean they aren’t important. With more than 1.3 million licensed lawyers in the United States today, there is a lot of competition. You have to demonstrate how you stack up — and that is where rankings, lists and awards come in.

Thousands of legitimate U.S. and international rankings, lists and awards recognize lawyers. The key is to prioritize the rankings that align most closely with your business development goals and then optimize your time and effort.

Developing a rankings program is no easy task, in part because it is an entire process. Where do you start? How do you get the information you need from your fee earners? How do you identify the best rankings for your firm? What should you include to make your submission or nomination stand out? Let’s break some of this down into bite-sized chunks.

Developing Your Strategy

Honestly assess your attorneys and practices relative to the competition, and prioritize those submissions you think are likely to be most successful. No firm and no lawyer can be all things to all people, so don’t try. Instead, use rankings to highlight the skills and experiences that set your firm or attorneys apart. Look for organizations or publications that evaluate these areas. Now, go through and evaluate each opportunity to make sure it’s credible and aligned with your business development goals. “Stretch goals” are great, and it is important to get on the radar of researchers, but remember that you need to focus and create realistic goals, too.

Gathering Information

When it comes time to collect the information needed for your submissions or nominations, think about ways to do this without requiring too much time from attorneys, since it is a non-billable activity.

One efficient method to collect information is through a template that is incorporated into the workflow for all client engagements. You might decide to have a trigger for this template: a certain value, area of practice, industry or whatever else fits your rankings plan. When you design your template, think about the requirements for all of the submissions you plan to make.

Writing Standout Submissions

Once you have your submission requirements, deadlines and information about the client work, it’s time to make the sausage: writing the killer submission. Most firms end up regurgitating their websites when providing information about their attorneys. Researchers can look your attorneys up online and get all of this information. What they can’t probably do is get details about your lawyers’ newest and most-interesting client work. Focus on that work.

Bring out your inner storyteller and weave work highlights into a narrative that sets you apart. As you write, think about how your team’s work is unique, special or first of its kind. This is your “sales pitch.” You want to make sure that whoever reviews your submission can’t help but agree that your lawyers are a cut above the rest.

If you are working on a submission to recognize a practice or an entire firm, rather than individual professionals, make sure to show depth. One or two rock stars do not make an exemplary practice or firm. It is okay for them to be your cornerstones, but you also have to showcase those who are coming up behind them, those who support them, etc.

Review Gaps

While gathering information to prepare a rankings submission, evaluate how you can improve your client service. Often, working to answer questions in the submission will uncover things like silos or gaps in communication between practice groups or offices. If you look at your submission and notice a lot of work in one area (and a lot of referral work in a complementary area), ask yourself, “Has the firm thought about expanding to serve this need?”

Think about Client Feedback

Many rankings submissions require client feedback. Figuring out who will be the “best” client to put forth will require some internal evaluation. Choose references whom you have worked with over the past 12 months and who can give a good overview of your work together. It is not necessary to pick the person with the highest title; it is best to pick the person who will respond to the email or pick up the phone and give an honest review of your firm. Once you’ve identified those clients, take some time to evaluate what they might say about you and how you could serve them more effectively.

Rankings organizations are essentially completing client satisfaction surveys. Are you doing these with your clients directly? If not, think about how you can incorporate client feedback into your client service continuum. Many lawyers are reluctant to ask clients for feedback, and then are surprised when clients take their work elsewhere. Feedback is a good thing; it gives you the opportunity to improve your service and build deeper, long-lasting relationships with clients.

Recognize Your Lawyers

When you complete nominations for individuals in the firm, you often learn interesting things about them that should be celebrated. Use this information to recognize lawyers internally. Have they volunteered a tremendous amount of time with a nonprofit? Are they mentoring students? Are they prominent in bar service or other professional leadership roles? Have they published something of value to colleagues? Acknowledging things like this will go a long way toward making your lawyers feel valued and appreciated. You can also acknowledge these activities through other firm channels, such as social media or public relations.

Repurpose, Repurpose, Repurpose

The valuable information you have gathered for your submissions can and should be repurposed for things like client alerts, articles, media relations or other thought leadership pieces. Viewing this time as a good investment will help make focusing on non-billable work appealing for lawyers.

Don’t Get Frustrated

Don’t be discouraged if your submission doesn’t generate immediate results. For the most part, this is a marathon, not a sprint. Each award is different, and getting an attorney or firm ranked is often a strategic, multi-year process. If the ranking organization allows, ask for feedback on your submission. This is a good opportunity to get an objective review of the quality of your submissions and how your practice compares with others.

You might not be overly enthused about the time it takes to participate in rankings and awards, but they are important to enhancing your firm’s credibility with current and prospective clients. Focusing on making the process as painless as possible and ensuring that you maximize the use of the information you collect will help to gain more buy-in.

© Copyright 2008-2020, Jaffe Associates
ARTICLE BY Michelle McCormick of Jaffe
For more articles on the legal industry, visit the National Law Review Law Office Management section.

4 Reasons You Got Burned By Your Last Marketing Agency (& 1 Reason You Were The Problem)

It’s a big decision to partner with a digital marketing agency: You’re delegating some (or all) of an important business function to presumed experts and you’re trusting that they will deliver better results than an internal resource.

When that relationship works – there’s nothing better:

  • You’ll have increased bandwidth to work on projects that are in your passion areas.
  • You’ll take comfort in knowing a task you might not enjoy is being expertly completed by someone who does.
  • You’ll find improved bottom line results – you’re making more money by partnering with a trusted vendor.

Yet if the relationship turns sour, there’s nothing worse: lost money, time, and trust in a potential channel that would otherwise be profitable.

There are four core reasons an agency relationship can go south:

  • Big promises for chump change.
  • The chemistry is off.
  • Expertise isn’t in the channel/task set you need.
  • You lose control over your assets.

Before partnering with an agency consider whether they’re a high risk for these signals.

  1. Big Promises For Chump Change

We all love a good deal, and just because a vendor is “expensive,” doesn’t inherently mean they’re experts.

However, it’s vital to have a sense of what market rates are for different business/marketing functions so you don’t get suckered into a cheap relationship that does more harm than good.

Sites like fiverr might offer SEO for $50-$250 per month. Most of these ads are focused on link building (which when done poorly, can tank a site and cause your brand to lose out on traffic and business).

Opting for the cheaper vendor can cause you to need more expensive rehabilitation in the long run

The other common mistake is opting into a deal where the agency is responsible for a certain amount of leads at a given price. This sort of partnership relies on the agency driving the leads under the price that they’re selling them for (which inherently means you’re paying a premium for your leads).

Here’re questions you should ask an agency before signing up for a cheap offering:

  • How many clients are you currently working with?
  • What timelines should I expect to achieve meaningful results?
  • What are realistic results I can expect from my investment?

By asking these questions, you’ll be able to not only get insights into benchmarks for your efforts, but also whether the vendor will be a partner. Unfortunately, most cheap vendors are only in it to scam brands out of 3-4 months of retainer before they move onto the next.

Takeaway: if it sounds too good to be true, it probably is.

  1. The Chemistry Is Off

I love my clients and will do everything in my power to see them succeed. I also am VERY selective on who I take on as a client because I need to believe in the client and my ability to make them money before agreeing to take them on.

When you choose an agency partner/vendor, you should be elated to work with them, and they should be just as excited to work with you.

If you’re looking for someone who will be “on-call” and the vendor is slow to respond during the sales process, there’s no reason to expect they’ll be more responsive once you become a client.

On a similar note, if you’re looking for someone who will be a true partner for your org and the vendor is a software, you will likely be disappointed (unless you opt for a premium version that includes a customer success manager within scope of the agreement).

Be honest with yourself about what you need out of your vendor (both hard and soft skills).

Here are the questions to ask to assess the chemistry of the relationship:

  • What communication cadence can I expect?
  • Are there any shared “outside work” interests (I always get along better with clients who are fellow Star Wars fans)?
  • Am I your main partner in this vertical?

Understanding how valued you are by your potential vendor will help set expectations for what will hopefully be a long and profitable relationship. If you don’t feel valued from the beginning, odds are you never will.

Takeaway: Listen to your gut.

  1. Expertise Isn’t In The Needed Channel/Task-Set

I am good at PPC. I’ve worked hard and logged the hours to gain mastery in pay per click (PPC) advertising. What I am not is a coder, financial analyst, or designer.

Agencies/vendors who claim to be experts in everything rarely are. You will either experience sub-par work or pay a premium because the vendor is outsourcing the work to a partner they trust.

If a vendor claims they are a trusted expert in a given area – look them up. A true expert will have at bare minimum a paper trail on LinkedIn outlining their career trajectory. If it’s a software, check review sites like G2Crowd and Trustpilot.

Agencies that focuses on both PPC and SEO can absolutely be legit (I belong to one).Ensuring you land with a trusted vendor instead of a greedy pretender depends on asking the following questions:

  • What strategy will you use to help my brand succeed, and how will the given channel help me?
  • Are there different pricing structures for your different services?
  • Who is doing the work?

By asking these questions you’ll get a sense of how comfortably a given service fits into the vendors mix.

Takeaway: Don’t force all business needs to fit under one vendor.

  1. You Lose Control Over Your Assets

A big red flag for a toxic vendor relationship is that you lose access/rights to your assets (analytics account, ads account, website, Google My Business, etc.).

This is common with softwares like Kenshoo and Marin, but can also come up in certain agency contracts (especially those that are “pay per lead”).

If you’re going to engage a firm/software, make sure you understand exactly what the terms are and how easy it will be to walk away from them if the relationship goes south.

These are the questions to ask:

  • How much visibility will I have into your work?
  • Who owns the account?
  • How much access do you need to complete your work?

Certain channels will require granting admin access to your vendor (especially if they are a web development or SEO vendor). However, under no circumstances should you lose access to your brand’s assets.

Takeaway: Don’t allow yourself to be held hostage by a mediocre vendor.

A common reason the relationship between brand and vendor goes south is because the right questions weren’t asked at the start of the engagement to establish reasonable expectations.

If you’re not asking these questions, you’re part of the problem!

Most agencies are good actors and genuinely want what’s best for their clients. Establishing from the onset a healthy communication cadence, performance goals, and mechanics of the vendor agreement ensures there are no surprises.

Some agencies may choose not to partner with you, and that’s ok! You and your brand deserve a vendor who is excited by the problems you’re tasking them to solve, and enjoys working with you.

Copyright 2020 © Hennessey Digital
For more articles on legal marketing, visit the National Law Review Law Office Management section.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by