Tag: Global

Coronavirus and the Workplace: What Employers Need To Know

News that multiple cases of the newly-identified 2019 Novel Coronavirus have reached the United States have prompted employers to think about employee safety and ways to address disease prevention in the workplace. Although, according to the Occupational Safety and Health Administration (OSHA), “most American workers are not at significant risk of infection” at this time, the situation is evolving, and it is never too early for employers to consider how they can address employee concerns, help prevent an outbreak, or address one if it occurs. Employers should also be aware of legal pitfalls that they may encounter when attempting to protect their employees from the virus.

The following addresses some of the key questions employers may have regarding the Coronavirus threat.

What is the Coronavirus and How Is It Transmitted?

At this point, relatively little is known about the 2019 Novel Coronavirus, more commonly known as the “Coronavirus.” According to the CDC, the initial reports of the illness originated in Wuhan, China, where people likely contracted the virus from animals at a seafood and animal market. Experts now believe that the virus is spreading from human-to-human when an infected person coughs or sneezes, similar to the spread of a cold or flu. However, it is still too early to know how easily the virus is transmitted between people.

What Are the Primary Symptoms of the Coronavirus?

In the confirmed cases of Coronavirus thus far, affected individuals have reported mild to severe respiratory symptoms, fever, cough, shortness of breath, and breathing difficulties. In severe cases, the virus has led to pneumonia, kidney failure, and, in at least 100 deaths (presently, all in China), as of the time of this writing.  The CDC believes at this time that symptoms may appear within two to fourteen days after exposure.  However, some infected individuals have shown little to no symptoms.

How Can Spread of the Coronavirus Be Prevented?

Because there is presently no Coronavirus vaccine available, the CDC is recommending standard precautions to avoid the spread of respiratory viruses, such as washing hands with soap and water for at least 20 seconds, or, if soap is not available, using hand sanitizer; avoiding close contact with people who are sick; staying at home when you are sick; and disinfecting frequently touched objects and surfaces.

What If My Employees Travel to China For Business?

As of January 27, 2020, the CDC has issued a level 3 health travel notice (the highest threat level) recommending that people avoid all nonessential travel to China.

Employers whose employees travel to and from China should keep in mind the following:

  • Consider whether to limit business travel to affected areas. While the current CDC travel notice does not specifically define “nonessential travel,” the General Duty Clause of the Occupational Safety and Health Act (OSHA) requires employers to furnish “employment and a place of employment which are free from recognized hazards that are causing or likely to cause the death or serious physical harm to … employees.”  Although the Occupational Safety and Health Administration (also referred to as OSHA) has not promulgated specific standards covering the Coronavirus, requiring employees to engage in nonessential business travel to China (or any other areas in which the risk of contagion is heightened) could create risk under the General Duty Clause, particularly in light of the CDC warning against nonessential travel.  For that reason, employers whose business may involve travel to China (or other areas that become subject to travel restrictions or otherwise experience an increase in the spread of the virus) should consider other available options for employees for the duration of the threat, such as videoconferencing.

By the same token, employers should also be prepared to respond to employees who may express concerns about traveling to affected areas due to the virus.  While an employer generally has broad discretion to decide the duties and requirements of a job and to discipline employees who fail to fulfill those requirements, as a practical matter employers may wish to consider offering employees reasonable alternatives to such travel.

Finally, while employers may implement restrictions on work-related travel to affected areas, employers should tread more carefully when attempting to police personal, non-work-related travel. That said, recent decisions in the Seventh, Eighth, and Eleventh Circuits have held that the disability discrimination protections of the ADA do not apply where an employer takes an employment action based on the potential for an employee to become ill and disabled in the future.  Specifically, the Eleventh Circuit found no liability under the ADA where an employer terminated an employee who requested time off to travel to Ghana to visit family because of the perceived risk that the employee would contract the Ebola virus, due to recent outbreaks of the disease in neighboring countries.  While courts have tended to take this view, it is worth noting that the EEOC has argued on at least one occasion that an employer acting on a potential future health condition may be viewed as “regarding” an employee as disabled as long as the condition otherwise qualifies as a disability under the law.  For this reason, employers should consider the risks with imposing a ban on personal, non-work-related travel to affected areas.

  • Provide relevant safety information to employees. Employers whose employees travel to affected areas should provide information to their employees about how the Coronavirus is transmitted, its symptoms, and how to avoid exposure – utilizing trusted and reputable sources such as the CDC. Employers would be well advised to also provide these employees with resources and contact information for local health departments and the CDC.
  • Understand that employee travel may be interrupted. The Chinese government has closed transit within and out of Wuhan and certain other areas of the Hubei Province. Hong Kong has also imposed certain restrictions on travel to and from the Chinese mainland. The United States is also re-routing passengers from Wuhan, China to certain designated airports (including Chicago O’Hare, Atlanta, New York JFK, Los Angeles, and San Francisco) for enhanced screening. While screening for common viruses usually takes several hours, officials have indicated that those suspected of having the Coronavirus could be delayed for up to a day if additional screening is needed.

What Should I Do if an Employee Has Recently Traveled to China or Otherwise May Have Been Exposed to the Coronavirus?

Employers should remember that the Americans with Disabilities Act (ADA) places certain restrictions on the kinds of inquiries that can be made into an employee’s medical status. Specifically, the ADA prohibits employers from making disability-related inquiries and requiring medical examinations, unless (1) the employer can show that the inquiry or exam is job-related and consistent with business necessity, or (2) where the employer has a reasonable belief that the employee poses a direct threat to the health or safety of the individual or others that cannot otherwise be eliminated or reduced by reasonable accommodation.

According to Pandemic Preparedness Guidance published in 2009 by the Equal Employment Opportunity Commission (EEOC) in the midst of the H1N1 influenza outbreak, whether a particular outbreak rises to the level of a “direct threat” depends on the severity of the illness.  Employers should look to the most up-to-date assessments being made by the CDC or other public health authorities, as they relate to the employer’s location, to determine the severity level of an illness and, in turn, whether an employee who potentially has been exposed to the illness may constitute a “direct threat.”  Employers should not rely on speculation or unofficial information when making determinations about whether there is a direct threat.  At the moment, the CDC is not classifying the Coronavirus as a pandemic and has not issued a heightened threat level for the United States.  However, the situation continues to rapidly evolve and we will provide updates should additional guidance be released by the CDC or other public health officials on this important issue.

All this being said, employers should keep in mind the following when it comes to employees who have traveled to affected areas:

  • Employers need not wait until an employee returning from travel develops symptoms to inquire about exposure to the Coronavirus. Inquiring about whether an employee has traveled to an affected area or about possible exposure to a contagious illness during such travel would not constitute a disability-related inquiry.  However, as discussed below, the extent to which an employer may act on the information received will depend on the most recent information available from the CDC or other public health officials.  Further, employers inquiring into whether employees have traveled to affected areas should do so of all employees known or believed to have recently traveled, rather than directing such inquiries only to employees of certain races, ethnicities, or national origins. Finally, employers should be mindful to keep confidential all medical-related information received from an employee, in accordance with the ADA.
  • Under certain circumstances, employers may require employees who have traveled to areas affected by serious health threats to stay home. If the CDC or other local public health officials recommend that people who visit specified locations remain at home for several days until it is clear they do not have illness symptoms, an employer may require an employee who traveled to an affected area to remain out of work for the suggested period of time.  While presently the CDC states that individuals who may have been in close contact with someone with the Coronavirus may continue with their daily activities so long as they are not showing any symptoms, employers should continue to monitor the CDC website for further developments. In the absence of a CDC directive that employees who have traveled to affected areas stay at home, an employer who is considering requiring such employees to remain home, they should consult with counsel.

What Other Things Should Employers Be Thinking About When it Comes to the Coronavirus?

  • Employers may – and should – send employees home if they exhibit potential symptoms of contagious illnesses at work. The EEOC has said that sending an employee home who displays symptoms of contagious illness would not run afoul of the ADA’s restrictions on disability-related actions because: (i) if the illness ultimately turns out to be relatively mild or “run of the mill” (such as seasonal influenza), then it would not have constituted a covered disability in the first place; and (ii) if the illness does turn out to be severe (such that it may constitute a disability under the law), then the actions would be warranted under a direct threat analysis. In either case, an employer can send an employee home who is displaying symptoms of contagious illness, even if this is against the employee’s wishes.  Employers should also consider making clear in their policies that employees who have symptoms of a potential contagious illness must not report to work while they are sick.
  • Determine whether the FMLA or other leave laws may apply. An employee who is experiencing a serious health condition or who requires time to care for a family member with such a condition may be entitled to take unpaid leave under the federal Family and Medical Leave Act (FMLA) or state-law analogues.  Employees may also be eligible for leave as a reasonable accommodation under the ADA or related state or local law, if the underlying condition constitutes a qualifying disability.  However, employees generally are not entitled to take FMLA or reasonable accommodation leave to stay at home to avoid getting sick (though an exception may exist where a preexisting medical condition is likely to be worsened by exposure to a contagious disease). Furthermore, employees in certain jurisdictions may be entitled to paid sick leave if needed to care for themselves or a sick family member in the event of an illness, or if their workplace or a child’s school or day care is closed due to a public health emergency.
  • Consider whether OSHA requirements may apply. While, as noted above, OSHA has not promulgated specific standards covering the Coronavirus, it has issued a notice indicating that employers should be aware of the following general standards to which employers may be subject under OSHA:
    • General Duty Clause: As discussed above, the OSHA General Duty Clause requires employers to furnish “a place of employment which [is] free from recognized hazards that are causing or likely to cause the death or serious physical harm to … employees.” To that end, there are some readily achievable steps that employers can take to prevent the spread of the Coronavirus (and other contagious illnesses) within the workplace, such as: providing hand sanitizer to employees, ensuring that surfaces and eating areas are disinfected regularly, and encouraging employees who are sick to stay home. Employers also may start to consider certain policy changes they may wish to implement in response to the Coronavirus should the situation become more severe in the U.S., such as allowing employees to work from home.
    • Personal Protective Equipment: OSHA requires that protective equipment, clothing, and barriers be provided whenever it is necessary to prevent employees from being exposed to environmental hazards. Employers are required to assess the workplace, determine if hazards are present, and if so, select and have employees use protective equipment. Employers whose employees may encounter individuals infected with the Coronavirus, such as those in the healthcare and travel industries, should begin to consider what protective equipment would be necessary to protect its workforce should the virus begin to spread within the United States.
    • Recordkeeping and Reporting Requirements: OSHA requires that certain employers keep a record of certain work-related illness and injuries (often referred to as an OSHA Form 300 log). While there is a regulatory exemption for recording instances of the standard cold and flu, OSHA has deemed the 2019 Novel Coronavirus a recordable illness when a worker is infected on the job. In addition, certain employers may be subject to reporting requirements under state and local law if they have a reasonable belief that a significant disease is present in the workplace.
    • Employers in Higher-Risk Industries: While, again, OSHA has yet to issue any standards or controls specific to Coronavirus, employers operating in industries where employees may be at a potential increased risk of exposure should prepare for the possibility that heightened requirements may be put in place. In the past, OSHA has issued such guidance for employers in industries such as healthcare, airlines, and mortuary services, such as during the MERS outbreak in 2015.

*          *          *

Information about the Coronavirus is constantly developing, so employers also should continue to refer to the CDCWHO, and OSHA websites for the latest on appropriate precautions, including changes to travel notices.  Of course, we will continue to monitor this situation and report on any updates as they develop.

© 2020 Proskauer Rose LLP.

Coronavirus Spreads from China, Increasing Risks

Originating in the Chinese city of Wuhan, a coronavirus known as 2019-nCoV has spread quickly this month, migrating to multiple other countries as international health officials rush to contain its spread and calm fears. But the spread of the virus—and China’s response—is already having major impacts on businesses both within the country and around the world.

A member of the same family as SARS and MERS, the virus presents similar symptoms as flu or pneumonia. So far, the coronavirus outbreak has killed 17 people and has sickened at least 600 people across China alone. This week, a man in Washington State returning from a visit to Wuhan became the first identified case in the United States. He is reportedly in stable condition and in isolation. Other cases have been reported in Hong Kong, Macao, Japan, South Korea, Thailand, Singapore and Vietnam.

On Tuesday, the Chinese government upgraded the classification of the virus to a Class B infectious disease, giving the government the power to take more serious steps to limit its spread. These include imposing travel restrictions in and out of Wuhan and several nearby cities, with more restrictions pending, which could effectively impose a quarantine over 25 million people. Wuhan’s railway stations, buses and subway were shut down this week, as were several highways out of the city, and hundreds of flights from the city’s international airport were reportedly cancelled.

Additionally, China has begun banning all large gatherings and cancelling public events in major cities, including Beijing. As the country prepares to celebrate the Lunar New Year—when millions travel home out of major cities and/or attend large public celebrations for the holiday—this will likely cause major disruptions for people and businesses. China’s largest investment bank, CITIC Securities, even told its employees in the Hubei province (of which Wuhan is the capital) not to travel home for the holiday, and if they did, that they would be forced to work remotely for two weeks before they could return to the office. Macao—which has one documented case of the coronavirus thus far—has cancelled a public New Year’s festival, and is considering shutting down its casinos (a huge part of the region’s economy) if more cases are discovered.

When outbreaks like the coronavirus occur, companies can protect their business and employees by reviewing existing policies and looking into additional coverage to fill gaps. As Risk Management previously wrote, even limited disease outbreaks can have major impacts on businesses, especially those in the health care industry or operating overseas. Companies may have particular cause for concern about the risks of business interruption and supply chain issues stemming from quarantines, travel disruptions and major event cancellations. For example, many U.S. pharmaceutical companies have moved their drug and medical supply manufacturing to China, and these operations can be affected by health crises.

As the disease has spread internationally, staff operating in areas with documented cases and traveling employees may also face risk of infection. In addition to the travel restrictions China has instituted in various regions, airports around the world have started instituting special screening for passengers from China, possibly further complicating travel. In fulfilling their duty of care to traveling employees, companies have a number of insurance options including foreign voluntary workers compensation or business travel accidental death and dismemberment coverage, and should take the opportunity to review existing coverage and assess any potential gaps moving forward. Pre-trip preparation and training can also help. Ensuring that employees have the resources and knowledge to find in-country medical care or a concrete evacuation plan prior to traveling can also help protect them in a crisis.

Risk Management Magazine and Risk Management Monitor. Copyright 2020 Risk and Insurance Management Society, Inc. All rights reserved.

For more global health issues, see the National Law Review Health Law & Managed Care section.

Sustainability: Environmental, Social, and Governance (ESG)

Understanding the environmental, social, and governance (ESG) issues of today’s business world are key to understanding the discussion of sustainability and climate change (a sub-topic of each ESG and sustainability).  For example, a sustainable business that demonstrates strong ESG planning, will often include climate change risk management.

Today’s press informs that mounting pressure from the United Nations participants continues to build a focus on reducing greenhouse gas emissions.  The UN’s 25th Session of the Conference of the Parties (COP25) to the UN Framework Convention on Climate Change was held in Madrid from December 2 – 13.  The U.S. filed a notification of withdrawal from the Paris Agreement on November 4, 2019.  The U.S. State Department has announced it will continue to participate in ongoing climate change negotiations and meetings, such as COP25, to ensure a level playing filed that protects U.S. interests.  Also, the UN released its report noting the emissions gap they observe that demonstrates the difference between amounts of carbon dioxide emitted now and lower levels predicted as necessary to stop global warming.  The question being asked is whether there are missed opportunities to achieve GHG reduction goals.

Domestic and international companies are in the process of reviewing their ESG reports to assess last year’s accomplishments and in setting goals and action items for the new year of 2020 and beyond.  Climate change and other sustainability concerns like waste management are clearly on the minds of many.  There is no single formula for a well-developed ESG strategy and report, since each is as unique as the individual company about which the report speaks.  There are common ESG themes, however.  The UN Sustainability Goals provide a convenient list of well-refined issues against which a company (or individual) can assess their opportunities and vulnerabilities.  The goals set forth a number of environmental, social, and governance topics worthy of note to include: poverty, hunger, good health, education, gender equality, clean water, affordable and clean energy, decent work and economic growth, industry/innovation/infrastructure, reduced inequality, sustainable cities/communities, responsible consumption and production, climate action, life below water, peace and justice, and partnership to achieve the goal.  These are the types of issues to consider when exploring ESG and sustainability.  Consultation of the Global Reporting Initiative (GRI) and the Sustainability Accounting Standards Board (SASB) can also assist.  Keep in mind that there is no one gold standard metric against which to measure ESG ratings or accomplishments.  The reason for that is simple, each company has a different complement of skills, talents, and opportunities or stated differently, ESG risks and solutions.

If you were to review a few ESG reports found on corporate websites, it will become apparent the differences and unique qualities of each reporting company.  Geographic locations of operations can define the ESG goals.  If operating in major metropolitan cities as opposed to emerging countries, the corporate responsibilities are quite varied.  If manufacturing consumer products, packaging is an attractive target for reduction in waste.  However, if manufacturing items used in the value chain, perhaps an ESG goal is managed through energy consumption during manufacturing or delivery of products.  If providing medical services, the ESG goals can be energy, water, supply chain, waste, etc.  Just as each of us possess capabilities and assets we can use to invest in our future, the same is true for companies.  We must acknowledge the unique accomplishments and actively invite the benefits gained from a collective effort.

The final item listed by the UN Sustainability goals is partnership, meaning the efforts and benefits should be shared.  We all must work together to achieve the change we need.  All contributions must be welcomed to build the sense of common good.

© Steptoe & Johnson PLLC. All Rights Reserved.

For more on global sustainability efforts, see the National Law Review Environmental, Energy & Resources Law section.

Escalated Tension with Iran Heightens Cybersecurity Threat Despite Military De-Escalation

The recent conflict between the United States and Iran has heightened America’s long-time concern of an imminent, potentially lethal Iranian cyber-attack on critical infrastructure in America.   Below, is the latest information including the United States Government’s analysis on the current standing of these threats as of January 8, 2020. 

CISA Alert

The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued Alert (AA20-006A) in light of “Iran’s historic use of cyber offensive activities to retaliate against perceived harm.”  In general, CISA’s Alert recommends two courses of action in the face of potential threats from Iranian actors: vulnerability mitigation and incident preparation.  The Alert specifically instructs organizations to increase awareness and vigilance, confirm reporting processes and exercise organizational response plans to prepare for a potential cyber incident.  CISA also suggests ensuring facilities are appropriately staffed with well-trained security personnel who are privy to the tactics of Iranian cyber-attacks.  Lastly, CISA recommends disabling unnecessary computer ports, monitoring network, and email traffic, patching externally facing equipment, and ensuring that backups are up to date.

Iranian Threat Profile

CISA asserts that Iranian cyber actors continually improve their offensive cyber capabilities. These actors are also increasingly willing to engage in destructive, kinetic, and even lethal cyber-attacks.  In the recent past, such threats have included disruptive cyber operations against strategic targets, including energy and telecommunications organizations. There has also been an increased interest in industrial control systems (such as SCADA) and operational technology (OT).  Refer to CISA’s Alert and the Agency’s “Increased Geopolitical Tensions and Threats” publication for specific Iranian advanced persistent threats to the nation’s cybersecurity.

Imminence of an Iranian Cyber-attack

While CISA urges vigilance and heightened prudence as it pertains to cybersecurity, DHS has been clear that there is “no information indicating a specific, credible threat to the Homeland.”  Nevertheless, the same National Terrorism Advisory System Bulletin publication (dated January 4, 2020) warns that Iran maintains a robust cyber program. This program can carry out attacks with varying degrees of disruption against U.S. critical infrastructure. The bulletin further states that “an attack in the homeland may come with little to no warning.”  There is also a concern that homegrown violent extremists could capitalize on the heightened tensions to launch individual attacks.  With the ongoing tension, it is unlikely that the imminence of an Iranian cyber-attack will dissipate in the near term.

Implications

It is vital for businesses, especially those deemed critical infrastructure, to stay apprised of new advances on these matters.  Given that the Alert calls for organizations to take heightened preventative measures, it is imperative that critical infrastructure entities revisit their cybersecurity protocols and practices and adjust them accordingly.  A deeper understanding of the organizational vulnerabilities in relation to this particular threat will be imperative.

© 2020 Van Ness Feldman LLP

For more on cybersecurity, see the Communications, Media & Internet section of the National Law Review.

Global Employment Contracts: The Modern Tower of Babel

Although multi-jurisdictional compliance is a challenge in relation to every aspect of employment law, the structure of employment contracts and the enforcement of global policies require particularly careful consideration.

The need to coordinate individual country compliance across numerous countries whilst still maintaining a common company culture requires extensive knowledge of national laws and considerable flexibility.

Contracts

US-based businesses will be used to working with at-will offer letters, but these are mostly unheard of elsewhere. In most jurisdictions, detailed employment contracts are not only customary, but are required by law. As you would expect, companies must ensure the legal compliance of their contractual documentation for each country in which they do business. This includes engagement letters, employment offers, employment contracts, bonus schemes, stock option plans, etc.

With employment contracts, the most common approach is to prepare a contract compliant with local law in accordance with best practices in the jurisdiction where the individual is to be employed. Contracts should incorporate crucial terms, such as probationary periods, termination grounds, working time provisions, and post-termination non-compete and/or non-solicitation provisions.

  • Countries have varying rules on the maximum duration of a probationary period. For example, France permits an eight-month probationary period, one renewal included, for executives under an indefinite-term contract (contrat à durée indéterminée); whereas a 90-day probationary period is standard in the United States.
  • Subject to applicable statutory restrictions in each country, termination provisions provide a good starting point to enforce the departure of an employee, for example in case of a violation of company policies, such as a code of conduct.
  • In France, where the legal working time is 35 hours per week, there is the option of entering into flat-rate pay agreements for autonomous executives whose roles and responsibilities do not permit alignment with the collective working time/office schedule. In the United Kingdom, there exist more flexible, zero-hours contracts, under which the employer is not obliged to provide any minimum working hours but, equally, the employee has no obligation to accept the work offered.
  • The rules on post-termination provisions, such as confidentiality, non-compete and non-solicitation restrictions, vary significantly. Some jurisdictions follow a reasonableness approach (Australia, the United Arab Emirates, and the United Kingdom); others have outright prohibitions (India, Mexico, and Russia); and others mandate compensation for non-compete clauses (China, France, and Germany).

With so many nuances country-by-country, contract drafters often consider choice of law and jurisdiction clauses. Public policy considerations may, however, override such clauses. For an Italian citizen hired in Italy to work in Italy, it will be difficult to apply Australian law merely because the employer is an Australian corporation. The general rule is that the laws of an employee’s physical worksite will likely apply, regardless of such clauses.

The relevant law for all European Union countries is the Rome I Regulation. Under Rome I, foreign employees in Europe benefit from the mandatory laws of the country with which they have the closest connection, which will usually be the country where they normally work. Accordingly, a German employee working in France should receive a French law-governed employment contract, even if the employee works for a UK employing entity.

For highly mobile employees, however, the place of work is often debatable. For instance, English employment courts have decided that an employee working remotely in Australia has the right to bring an unfair dismissal claim in the United Kingdom if the work is done for a UK employer, regardless of the employee’s physical worksite.

Forum-selection provisions that call for a forum other than the place of employment tend to be unenforceable outside the United States. In London, US expatriates working under contracts with such clauses who sue before an English Employment Tribunal are unlikely to see their claim dismissed when their employer invokes the forum-selection clause.

In choice-of-forum situations, Europeans invoke the provisions of the “Recast Brussels Regulation.” These codify the general rule that employees rarely have to litigate employment disputes outside their host country place of employment, even if a choice-of-foreign-forum clause purports to require otherwise.

Communicating Global Policies

Every organisation has bespoke policies, employee handbooks, and a code of conduct. In addition, every organisation has its own HR practices, such as evaluation processes and training programmes, all dictated by the corporate culture and even corporate vocabulary. It can be challenging to extend those across borders and the legal systems of different countries.

In France, policies related to safety, disciplinary procedures, harassment, whistleblowing, etc., particularly if the policy provides sanctions, must be incorporated within internal rules (règlement intérieur), which must be filed with the employment court and inspectorate. If a company fails to file its policies correctly, it may not be able to discipline employees for violating the rules.

Country by country, companies must consider the interrelationship between the contract and the applicable policies. In some jurisdictions, it is advisable to incorporate relevant handbook policies into the contract. In the United Kingdom, for example, it is compulsory to mention disciplinary and grievances procedures in the contract.

Language Barriers

Where the policies are written is, however, merely the beginning. How they are written is much more complicated. Communicating clearly in multiple languages is now a core HR function for global entities. Many jurisdictions, such as Belgium, France, and Poland, require contracts to be in the local language, even for an employee fluent in the primary language used by the employer. If the contract is not in the local language, its provisions, the policies, and other elements, will be unenforceable, at least for the employer.

A typical example is a global bonus plan, where a failure by the employer to translate the target objectives can allow the employee to claim a bonus without needing to comply with the terms of the plan (i.e., without achieving the stated goals or objectives). This has been confirmed by French case law.

In some countries, such as Turkey, the local language will always prevail, regardless of what is provided for in the contract. In those cases, ensuring translation accuracy can avoid inadvertently granting employees more generous terms under a local translation than the company intended.

Local language translations are also required for other purposes. For instance, in Spain the employment contract needs to be filed with the government, in Spanish. In other countries, such as China, works councils and unions will need to be consulted on the implementation of policies, and submissions for those consultations will need to be in the local language.

As a result, businesses now often consider whether to create employment documents in the local language only, or in two languages. If a document is used that has two columns showing the corporate language and the local language, it is crucial to state which language prevails.

© 2019 McDermott Will & Emery

For more on employment law, see the Labor & Employment law page on the National Law Review.

Internet of Things: The Global Regulatory Ecosystem and the Most Promising Smart Environments Part II

Regulatory Ecosystem

Hyperconnectivity is a real phenomenon and it is changing the concerns of society because of the kinds of interactions that can be brought about by IoT devices, which could be: i) People to people; ii) People to things (objects, machines); iii) Things/machines to things/machines.

It gives rise to different issues for people. According to a European Survey, 72% of EU Internet users worry that too much of their personal data is being shared online and that they have little control over what happens to this information[1]. It gives rise to inevitable ethical issues and its relationship with the techno environment.

The discussion on ethics that follows aims to provide a quick tour on general ethical principles and theories that are available as they may apply to IoT[2]. Law and ethics are overlapping, but ethics goes beyond law. Thus, a comparison of law and ethics is made and their differences are pointed out in the great work of Spyros G Tzafestas, who wrote Ethics and Law in the Internet of Things World. In this article, he considers that the risks and  harms in a digital world are very high and complex, especially explaining those tech terms and their impact in our private life. Thus, it is of primary importance to review IoT and understand the limitations of protective legal, regulatory and ethical frameworks, in order to provide sound recommendations for maximizing good and minimizing harm[3].

Major data security concerns have also been raised with respect to ‘cloud’-supported IoT. Cloud computing (‘the cloud’) essentially consists of the concentration of resources, e.g. hardware and software, into a few physical locations by a cloud service provider (e.g. Amazon Web Service)[4]. We are living in a data-sharing storm and the economic impact of IoT’s cyber risks is increasing with the integration of digital infrastructure in the digital economy[5]. We are surrounded by devices which contain our data, for instance:

  • Wearable health technologies: wearable devices that continuously monitor the health status of a patient or gather real-world information about the patient such as heart rate, blood pressure, fever;
  • Wearable textile technologies: clothes that can change their color on demand or based on the biological condition of the wearer or according to the wearer’s emotions;
  • Wearable consumer electronics: wristbands, headbands, rings, smart glasses, smart watches, etc[6].

As a result of the serious impact IoT may have and because it involves a huge number of connected devices, it creates a new social, political, economic, and ethical landscape. Therefore, for a sustainable development of IoT, political and economic decision-making bodies have to develop proper regulations in order to be able to control the fair use of IoT in society.

In this sense, the most developed regions as regards establishing IoT Regulations and an ethical framework are the European Union and the United States both of which have enacted:

  • Legislation/regulations.
  • Ethics principles, rules and codes.
  • Standards/guidelines;
  • Contractual arrangements;
  • Regulations for the devices connected;
  • Regulations for the networks and their security; and
  • Regulations for the data associated with the devices.

In light of this, the next section will deal with Data Protection Regulations, Consumer Protection Acts, IoT and Cyber Risks Laws, Roadmap for Standardization of Regulations, Risk Maturity, Strategy Design and Impact Assessment related with 2020 scenario, which is: 200 billion sensor devices and market size that, by 2025, will be between $2.7 trillion and $3 trillion a year.

Europe

The Alliance for Internet of Things Innovation (AIOTI) was initiated by the European Commission in order to open a stream of dialogue between European stakeholders within the Internet of Things (IoT) market. The overall goal of this initiative was the creation of a dynamic European IoT ecosystem to unleash the potential of IoT.

In October 2015, the Alliance published 12 reports covering IoT policy and standards issues. It provided detailed recommendations for future collaborations in the Internet of Things Focus Area of the 2016-2017 Horizon 2020 programme[7].

The IoT regulation framework in Europe is a growth sector:

  • EU Directive-2013/40: this Directive deals with “Cybercrime” (i.e., attacks against information systems). It provides definitions of criminal offences and sets proper sanctions for attacks against information systems[8].
  • EU NIS Directive 2016/1148: this Network and Information Security (NIS) Directive concerns “Cybersecurity” issues. Its aim is to provide legal measures to assure a common overall level of cybersecurity (network/information security) in the EU, and an enhanced coordination degree among EU Members[9].
  • EU Directive 2014/53: this Directive “On the harmonization of the laws of the member states relating to the marketing of radio equipment”[10] is concerned with the standardization issue which is important for the joint and harmonized development of technology in the EU.
  • EU GDPR: European General Data Protection Regulation 2016/679: this regulation concerns privacy, ownership, and data protection and replaces EU DPR-2012. It provides a single set of rules directly applicable in the EU member states.
  • EU Connected Communities Initiative: this initiative concerns the IoT development infrastructure, and aims to collect information from the market about existing public and private connectivity projects that seek to provide high-speed broadband (more than 30 Mbps).

United States

A quick overview of the general US legislation that protects civil rights (employment, housing, privacy, information, data, etc.) includes:

  • Fair Housing Act (1968);
  • Fair Credit Reporting Act (1970);
  • Electronic Communication Privacy Act (1986), which is applied to service providers that transmit data, the Privacy Act 1974 which is based on the Fair Information Practice Principle (FIPP) Guidelines;
  • Breach Notification Rule which requires companies utilizing health data to notify consumers that are affected by the occurrence of any data breach; and
  • IoT Cybersecurity Improvement Act 2019: the Bill seeks “[t]o leverage Federal Government procurement power to encourage increased cybersecurity for Internet of Things devices.” In other words, this bill aims to shore up cybersecurity requirements for IoT devices purchased and used by the federal government, with the aim of affecting cybersecurity on IoT devices more broadly.
  • SB-327 Information privacy: connected devices: California’s new SB 327 law, which will take effect in January 2020, requires all “connected devices” to have a “reasonable security feature.”

The above legislation is general, and in principle can cover IoT activities, although it was not designed with IoT in mind. Legislation devoted particularly to IoT includes the following:

  • White House Initiative 2012: the purpose of this initiative is to specify a framework for protecting the privacy of the consumer in a networked work.

This initiative involves a report on a ‘Consumer Bill of Rights” which is based on the so-called “Fair Information Practice Principles” (FIPP). This includes two principles:

  1. Respect for Context Principle: consumers have a right to insist that the collection, use, and disclosure of personal data by Companies is done in ways that are compatible with the context in which consumers provide the data;
  2. Individual Control Principle: consumers have a right to exert control over the personal data companies collect from them or how they use it.

China

Where we start to see the most advanced picture is in China. In 2017, the Ministry of Industry and Information Technology (MIIT), China’s telecom regulator and industrial policy maker, issued the Circular on Comprehensively Advancing the Construction and Development of Mobile Internet of Things (NB-IoT) (MIIT Circular [2017] No. 351, the “Circular”), with the following approach in the opening provisions:

Building a wide-coverage, large-connect, low-power mobile Internet of Things (NB-IoT) infrastructure and developing applications based on NB-IoT technology will help promote the construction of network powers and manufacturing powers, and promote “mass entrepreneurship, innovation” and “Internet +” development. In order to further strengthen the IoT application infrastructure, promote the deployment of NB-IoT networks and expand industry applications, and accelerate the innovation and development of NB-IoT[11]

Nowadays China already has a huge packet of regulation on technological matters:

  • 2015 State Council – China Computer Information System Security Protection Regulation (first in 1994);
  • 2007 MPS – Management Method for Information Security Protection for Classified Levels;
  • 2001 NPC Standing Committee – Resolution about Protection of Internet Security;
  • 2012 NPC Standing Committee – Resolution about Enhance Network Information Protection;
  • July 2015: National Security Law – ‘secure and controllable’ systems and data security in critical infrastructure and key areas;
  • 2014 MIIT – Guidance on Enhance Telecom and Internet Security;
  • 2013 MIIT – Regulation about Telecom and Internet Personal Information Protection
  • 2014 China Banking Regulatory Commission – Guidance for Applying Secure and Controllable Information;
  • Technology to Enhance Banking Industry Cybersecurity and Informatization Development

Further, as if this were not enough, the Chinese government is being proactive and has several important laws and regulations in the Pipeline, as it can be seen from the list below:

  • CAC: Administrative Measures on Internet Information Services;
  • CAC Rules on Security Protection for Critical Information Infrastructure;
  • Cybersecurity Law;
  • Cyber Sovereignty;
  • Security of Product and Service;
  • Security of Network Operation (Classified Levels Protection, Critical Infrastructure);
  • Data Security (Category, Personal Information);
  • Information Security.

Finally, China established, in 2016, the National Information Security Standardization Technical Committee and its current work is developing a Standardization – TC260 (IT Security) on Technical requirement for Industrial network protocol and general reference model and requirements for Machine-to-Machine (M2M) security.

Latin America

The Latin American countries have different levels of development and this sets up a huge asymmetry between the domestic legal frameworks. The following is a quick regulation overview on Latin American countries:

  • Brazil has the “National IoT Plan” (Decree N. 9.854/2019) that aims to ensure the development of public policies for this technology sector and members of Brazilian parliament presented the bill No. 7.656/17 with the purpose of eliminating tax charges on IoT products;
  • Colombia has a Draft of Law No. 152/2018 on the Modernization of the Information and Communication providing investments incentives to IT Techs (article 3);
  • Chile has a new Draft Law Boletín N° 12.192-25/2018 on Cyber crimes and regulation on internet devices and hackers attacks;
  • In 2017, Argentina launched a Public Consultation on IoT regarding regulations that must be updated and how to get more security and improve the technological level of the country[12].

Most Promising Smart Environments

Smart environments are regarded as the space within which IoT devices interact connected through a continuous network. Thus, smart environments aim to satisfy the experience of individuals from every environment, by replacing the hazardous work, physical labor and repetitive tasks with automated agents. Generally speaking, sensors are the basis of these kind of smart devices with many different applications e.g. Smart Parking, Waste Management, Smart Roads and Traffic Congestion, Air Pollution, River Floods, M2M Applications, Vehicle auto-diagnosis, Smart Farming, Energy and Water Uses, Medical and Health Smart applications, etc[13].

Another way of looking at smart environments and assess their relative capacity to produce business opportunities is to identify and examine the most important IoT use cases that are either already being exploited or will be fully exploited by 2020.

For the purposes of this article, the approach was restricted to sectors consisting of the most promising smart environments to be developed up to 2020 in the European Market as displayed in the Chart below:

Vertical IOT Market Size in Europe
Vertical IoT Market Size in Europe

 

The conclusions of the last report of the European Commission are impressive and can help to understand the continuous development of the IoT market and how every market has to comply with the law and they will emerge facing a regulatory avalanche as mentioned in item 2 on the Regulatory Ecosystem.

Final Considerations: IoT as Consumer Product Health and Safety

IoT safety is becoming more important every day. On the one hand, as mentioned above, most concerns for IoT safety are primarily in the areas of cyber-attacks, hacking, data privacy, and similar topics; what is better referred to as security than safety. On the other hand, it can be approached by physical safety hazards which may result from the operation of consumer products in an IoT environment or system. IoT provides a new way to approach business and it is not restricted to one or other market or topic. It is a metatopic or metamarket showing different possibilities and applications and will be spread in the near future.

In general, IoT products are electrical or electronic applications with a power source and a battery connected by a charging device. So long as the power source, batteries and charging devices are present we have the usual risks of electrical related hazards (fire, burns, electrical shock, etc.). Nonetheless, IoT makes matters more complicated as smart devices have the function to send commands and control devices in the real world.

IoT applications can switch the main electrical powers of secondary products or can operate complex motor systems and so on. Then they have to be accurate and might provide minimal requirements to care of consumer health and safety. Risk assessment and hazard mitigations will have to adapt to IoT applications reinventing new methods to assure regular standards of IoT usability. Traditional health and safety regulations might be up to date with this new technological reality to be effective at reducing safety hazards for consumer products.

To conclude, this article was intended to summarize two main issues: I) IoT as an increasing and cross topic market which will become a present reality closer to our daily lives; II) IoT will be regulated and become an important concern in consumer product health and safety.

See the first Installment of the IoT:  Seizing the Benefits and Addressing the Challenges and the Vision of IoT in 2020.

[1] Nóra Ni Loideain. Port in the Data-Sharing Storm: The GDPR and the Internet of Things. King’s College London Dickson Poon School of Law Legal Studies Research Paper Series: Paper No. 2018-27.P2.

[2] Spyros G Tzafestas. Ethics and Law in the Internet of Things World. Smart Cities 2018, 1(1), 98-120. P. 102.

[3] Spyros G Tzafestas. Ethics and Law in the Internet of Things World. Smart Cities 2018, 1(1), 98-120. P. 99;

[4] Nóra Ni Loideain. Port in the Data-Sharing Storm: The GDPR and the Internet of Things. King’s College London Dickson Poon School of Law Legal Studies Research Paper Series: Paper No. 2018-27.P. 19.

[5] Petar Radanliev, David Charles De Roure and others. Definition of Internet of Things (IoT) Cyber Risk – Discussion on a Transformation Roadmap for Standardization of Regulations, Risk Maturity, Strategy Design and Impact Assessment. Oxford University. MPRA Paper No. 92569, March 2019, P. 1.

[6] pSyros G Tzafestas. Ethics and Law in the Internet of Things World. Smart Cities 2018, 1(1), 98-120. P. 101; https://doi.org/10.3390/smartcities1010006

[7] More information available here.

[8] EUR-Lex Document 32013L0040. Directive 2013/40/EU of the European Parliament and the Council of 12 August 2013. Available here.

[9] NIS Directive. The Directive on Security of Network and Information Systems.

[10] EUR-Lex Document 32014L0053. Directive 2014/53/EU of the European Parliament and the Council of 16 April 2014.

[11] Notice of the General Office of the Ministry of Industry and Information Technology on Promoting the Development of Mobile Internet of Things. Department of Industry communication letter [2017] No. 351.

[12] Available here.

[13] More examples

Copyright © 2019 Compliance and Risks Ltd.
This article was written by João Pedro Paro from Compliance & Risks.

Internet of Things: Regulatory Ecosystem and Consumer Product Health and Safety – Part I

IoT: International Framework

Technological Revolutions are quiet and astonishing. Step by step new technological applications are pushing existing paradigms and changing the way business is transacted by consumers, companies and in society. In the past, electricity and printing had a revolutionary role in social development, shifting all sectors of life. These days, the Internet of Things (IoT) is pivotal in creating quick, profound and quiet transformations.

According to the Committee on Digital Economy Policy of Directorate for Science, Technology and Innovation of OCED:

The Internet of Things (IoT) could soon be as commonplace as electricity in the everyday lives of people in OECD countries. As such, it will play a fundamental role in economic and social development in ways that would have been challenging to predict as recently as two or three decades ago[1].

In 2008-2009, according to Cisco IBSG – Internet Business Solutions, there were more connected objects, such as smartphones, tablets and computers, than the world’s population. Therefore, this period is considered the year that IoT was born[2]. In 2008, Rob Van Kranemburg published “The Internet of Things”, which addresses a new paradigm in which objects produce information.

Supporting CISCO’s statement, the chart below of Google Trends shows the period of time during which popularity in searches on Google increased. In the last 5 years, IoT has sharply rocketed as a very attractive subject in the general mind of the people on the internet[3]:

Compliance Risks Chart 1
Interest Over Time (2004-2019) As Search Item

 

Digging deeper we can see that IoT popularity is not only relevant to internet users or to some futuristic curiosity on Google, it is a real and concrete “combination of network connectivity, widespread sensor placement, and sophisticated data analysis techniques” which enables“applications to aggregate and act on large amounts of data generated by IoT devices in homes, public spaces, industry and the natural world”[4].

The potential benefits of this kind of connectivity are immense: real-time monitoring and more accurate metrics, the ability to remotely control various actions, interconnectivity and automation, plus the ease of handling a variety of devices that can be centralized on just one smartphone. Nonetheless, this technological avalanche also brings risks and vulnerabilities to users, such as increased vigilance over our habits, exposure of our personal data, hacking vulnerabilities, global or cascading failures, among others.

In the last two years, a set of supporting policy actions have been adopted by the European Commission to accelerate the take-up of IoT and to unleash its potential in Europe for the benefit of European citizens and businesses[5]. These policy actions and statements are not only a guess or shallow forecast, they are a serious result of data and market analysis that came from several studies which found impressive numbers such as 11 billion connected ‘things’ in 2018[6]. This could be as many as 20 billion connections by 2020[7], about 6 billion of which will be in Europe[8]. Of these, 60-65% are consumer devices.

According to the Centre for the Promotion of Imports (CBI) more than 65% of businesses are expected to use IoT products by 2020, compared to 30% in 2017. Europe accounts for more than a third of global Industrial IoT investments by 2020. The market is expected to grow at an impressive average annual rate of 22%. Reaching a value of €287 billion in 2020, Industrial IoT is Europe’s largest IoT market[9].

Seizing the Benefits and Addressing the Challenges

The Centre for the Promotion of Imports (CBI), an Agency of the Netherland’s Ministry of Foreign Affairs and part of the development cooperation effort of the foreign relations of the Netherlands conducted research on the IoT in Europe in January 2019. It concluded:

The European market for Internet of Things (IoT) solutions is growing. Western and Northern Europe are especially promising. Both consumer and business IoT offer opportunities, but specialisation may give you a competitive advantage. The home, health and finance sectors are front runners. National and European initiatives are working to stimulate the roll-out of Industrial IoT solutions and lower barriers. The shortage of skilled specialists continues to drive outsourcing[10].

Apart from an advantageous and “smart” business opportunity, IoT can facilitate innovation in the private sector supporting a wide range of innovative businesses, not only raising the productivity level but increasing the accountability and responsiveness of companies and its employees, improving the client confidence.

Thus, IoT can work to facilitate Private Sector Innovation by so-called industrial Internet, Next Production Revolution (NPR)[11], autonomous machines and big data[12] and automotive industry[13]. On the other hand, innovative Public Sector Delivery with IoT applications could provide smart cities[14], smart governments, smart street lighting[15]and traffic flow optimization[16], innovation in healthcare practice and delivery[17]. IoT technologies are, therefore, expected to play a major role in improving the management of transport, energy use, water services, education, employment, health, crime prevention, by making society more efficient, innovative, safe, sustainable, and inclusive[18].

Regardless of all the benefits, there are many challenges and risks associated with IoT digital security, such as cyber attacks, digital incidents and privacy challenges. Furthermore, bad outcomes can happen causing physical consequences in case of the wrongdoing of autonomous vehicles, health care tools or industrial machines.

The Vision of IoT in 2020

First of all, the 2020 scenario might be approached by a combination of the Cloud and Big Data. Nowadays the hyperconnectivity[19] of society drives IoT to be “The Next Big Thing” in business. According to OECD this next big thing will be related to “a sophisticated industry ecosystem consisting of vendors (providing components), suppliers (creating solutions), service providers, and enterprise users in all sectors of the economy” that will be “measured in billions of Euro in Europe alone, and that will extend across the world too”[20].

Could expectations be too high? Maybe not, because of the following points: I) the centrality of IoT in the upcoming years is corroborated by the sheer number of connections that are expected to be in place by 2020; II) IoT ecosystem will have grown to encompass not only the traditional supply-side actors, but also a rising number of businesses and organizations serving and using  IoT; III) hyper-connected society will be an established reality by 2020, as most of the “things” that can be connected, will be by then.

In 2018, the World Economic Forum (WEF) published a study considering initiatives on the future of production. Essentially, it gives an insight into: i) Solution-driven: technology can tackle and solve challenges that have previously been insurmountable; ii) Human-centric: technology can unlock human potential by unleashing creativity, innovation and productivity in new ways; iii) Sustainable: technology can promote sound production processes that minimize negative environmental impact, conserve energy and resources and enable carbon neutrality; iv) Inclusive: employees, companies and countries at different stages of development benefit from Fourth Industrial Revolution technologies and the transformation of production systems[21].

One of its conclusions is that in the coming years, the IoT market is expected to grow across Europe. Most of the front runners are Western European countries, which have traditionally invested more in IT. And together, six countries make up more than 75% of the European IoT market, this makes them especially promising target markets for 2020.

Market Size in Europe
Chart 2. IoT Market Size in Europe

 

Further, apart from the geographic localization of the opportunities arising, to have a real and concrete overview it is important to be aware of the market size and 2020 forecast by sector. By 2020, industrial IoT is predicted to consist of:

  • 60% cross-industry devices – used in multiple industries, mainly to save costs;
  • 40% vertical-specific devices – used in a specific industry to improve efficiency/accuracy.
  • Industrial IoT also offers good opportunities, as the average spending per device is much higher in this sector. This makes total spending on consumer and industrial IoT about equal by 2020[22].
Compliance and Risks Chart 3
Chart 3: IoT Market Size Per Sector

 

Based on the US Dollar: Euro exchange rates in October 2018, the global average spending on IoT devices is expected to be:

  • €102 per consumer device;
  • €114 per cross-industry business device;
  • €239 per vertical-specific business device.

Finally, electronic sensors are now everywhere – in smartphones, cars, home electronic systems, healthcare devices, fitness monitors and in the workplace. It has been estimated that, by 2020, over 200 billion sensor devices will be inter-connected, creating a market size that, by 2025, will be between $2.7 trillion and $3 trillion a year[23].

At the same time, the market opportunity will bring regulatory challenges. The next section of this report will analyze by specific studies the impact of regulatory requirements on IoT devices and deployment.

Read more: Internet of Things: The Global Regulatory Ecosystem and the Most Promising Smart Environments Part II

[1]  OCDE. Committee on Digital Economy Policy of Directorate for Science, Technology and Innovation. The Internet of Things: Seizing the Benefits and Addressing the Challenges. Background Report for Ministerial Panel 2.2. English Version. 24 May 2016. P. 5. Available here.

[2] MANCINI, Monica. Internet das Coisas: História, Conceitos, Aplicações e Desafios. Available here.

[3] Interest over time. Numbers represent search interest relative to the highest point on the chart for the given region and time. A value of 100 is the peak popularity for the term. A value of 50 means that the term is half as popular. A score of 0 means there was not enough data for this term. The information is available here.

[4] Idem, p. 5.

[5] European Commission. Digital Single Market. Policies: Internet of Things. Available here.

[6] Gartner, Inc. Press Release. Gartner Says 8.4 Billion Connected “Things” Will Be in Use in 2017, Up 31 Percent From 2016. February 2017. Available here.

[7] Idem, Leading the IoT. Gartner Insights on How to Lead in a Connected World. 2017. P. 2.

[8] European Commission. Definition of a Research and Innovation Policy Leveraging Cloud Computing and IoT Combination. FINAL REPORT. A study prepared for the European Commission. DG Communications Networks, Content & Technology. Digital Agenda for Europe. Available here.

[9] Netherlands Ministry of Foreign Affairs. Centre for the Promotion of Imports (CBI). January 2019. Available here.

[10] Netherlands Ministry of Foreign Affairs. Centre for the Promotion of Imports (CBI). January 2019. Available here.

[11] (NPR) entails a confluence of technologies ranging from a variety of digital technologies (e.g. 3D printing, the Internet of Things [IoT] and advanced robotics) to new materials (e.g. bio- or nano-based) to new processes (e.g. data-driven production, artificial intelligence [AI] and synthetic biology). The Next Production Revolution. A Report to G20. OECD, 2017. Available here.

[12] Autonomous machines and the use of big data are increasingly present in agriculture. Robots can now sort plants based on optical recognition, harvest lettuce and recognise rotten apples. Idem, Ibidem.

[13] The automotive industry is one of the sectors most affected by interconnectivity and enhanced efficiency in both production and operation of vehicles. Idem, Ibidem.

[14] “Smart city plans explore the ability to process huge masses of data coming from devices such as video cameras, parking sensors and air-quality monitors to help local governments achieve goals in terms of increased public safety, improved environment and better quality of life. In: OCDE. Committee on Digital Economy Policy of Directorate for Science, Technology and Innovation. The Internet of Things: Seizing the Benefits and Addressing the Challenges. Background Report for Ministerial Panel 2.2. English Version. 24 May 2016. P. 16.

[15]“Dublin (Ireland), Oslo (Norway) and Chattanooga, Tennessee in the United States have started to use smart street lighting systems.29 Often triggered by replacing municipal lighting with LED solutions to save on energy costs, smart street lighting can offer combined savings of up to USD 100 per streetlight per year”. Idem, Ibidem.

[16]“The SCOOT system developed by Transport for London uses data on road usage with real-time control of traffic lights in the city to deliver on average a 12% improvement in traffic flow. Other large cities, like Beijing, São Paulo, Toronto or Preston have introduced SCOOT”. Idem, Ibidem.

[17] “Smaller sensors, smartphone assisted readouts, big data analysis and continuous remote monitoring can enable new ways of managing care. Such a digital health feedback system includes wearable and that work together to gather information about medication-taking, activity and rest patterns. Idem. p.15.

[18] UN General Assembly, Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, A/HRC/32/38 (2016), P.12.

[19] A term invented by Canadian social scientists Anabel Quan-Haase and Barry Wellman, it refers to the use of multiple means of communication, such as email, instant messaging, telephone, face-to-face contact and Web 2.0 information services.

[20] OCDE. Committee on Digital Economy Policy of Directorate for Science, Technology and Innovation. The Internet of Things: Seizing the Benefits and Addressing the Challenges. Background Report for Ministerial Panel 2.2. English Version. 24 May 2016. P. 24.

[21] World Economic Forum. Insight Report. Readiness for the Future of Production. Report 2018. Available here.

[22] Netherlands Ministry of Foreign Affairs. Centre for the Promotion of Imports (CBI). January 2019. Available here.

[23] Russo et al. Exploring regulations and scope of the Internet of Things in contemporary companies: a first literature analysis. Journal of Innovation and Entrepreneurship, 2015, P. 5.

Copyright © 2019 Compliance and Risks Ltd.
This article was written by João Pedro Paro of Compliance & Risks.
For more on the Internet of Things, please see the National Law Review Communications, Media & Internet law page.

Japan’s Labor Reform Caps Overtime in a Bid to Curb Karoshi

From low productivity to the death of citizens by overwork, Japan’s labor practices have long maintained a complicated relationship with the country’s workforce. The problem of death by overwork is so prevalent the Japanese have created a word for it: karoshi. On June 29, 2018, Japan passed the “Work Style Reform Law” (the Law) to address some of these issues.

Currently, Japanese law permits employers to enter into special agreements with employees that require them to work an unlimited number of overtime hours. The Law however, generally will limit overtime work to 45 hours per month with a maximum of 360 hours in a year. During busy periods, the overtime limit will be relaxed allowing for up to 100 hours of overtime not to exceed a maximum of 720 hours in a year. In addition, employees may not work, on average, more than 80 hours of overtime per month. This figure will be averaged over a period of two, three, four, five, and six consecutive months. These overtime provisions will go into effect in April 2019 for large employers and April 2020 for small and mid-sized employers. Violation of these provisions will subject employers to financial penalties.

Highly skilled professional workers, however, are exempt from the protection of these overtime provisions. Under the law, highly skilled professional workers must: (i) work a job requiring specialized skills, and; (ii) earn an annual salary of ¥10.75 million or more (roughly $95,000 USD). Labor reform supporters have sharply criticized this exemption as a license to continue the practice of overwork. Meanwhile, supporters of the Law have characterized the exemption as a nod to the working style of professionals where hours and results do not necessarily correlate. Future administrative guidelines will provide employers insight as to what jobs fall into the exemption. The exemption will take effect in April 2019.

In addition, the Law will require employers to treat regular and fixed-term employees equally. Although further administrative guidelines will be issued regarding this provision, employers should: (i) prepare to provide increased compensation and benefits for fixed-term and other non-regular employees; and (ii) begin reviewing the compensation differences between their regular and fixed-term employees to identify any disparities. Enforcement of this provision will likely involve disclosure requirements for employers. This provision will take effect in April 2020 for large employers and April 2021 for small and mid-sized employers.

The Law also contains provisions mandating the use of paid time off. Japanese labor culture has long led to a chronic and voluntary under-usage of paid time off by employees. The Law addresses this issue by requiring that employees entitled to 10 days of annual paid leave or more use at least five of those days each year.

The use of a work-interval system is also encouraged under the law. The law notes that employers should “make efforts” to ensure that there is a minimum interval between the end of a day’s working hours and the beginning of the next day’s working hours. This provision will take effect in April 2019.

 

© 2018 Proskauer Rose LLP.

The Unique Quandaries Faced in Recovering International Cryptocurrency Frauds

Cryptocurrency itself is a string of computer-generated code.  This line of code is accessed by an owner’s unique passcode secret private key.  Each owner’s cryptocurrency is kept in their “Virtual Wallet”. Virtual wallets are similarly anonymous as are the virtual currency balances. The transfer of cryptocurrency is based upon the block chain protocol, a public decentralized ledger that identifies transactions by a digital code with no link to a person or place.

Practically, there is no public record of virtual currency transfers.  Other than the debtor’s own testimony, a creditor would not know where to begin searching for evidence of virtual currency purchases or transactions. There is no way for a creditor to identify either the owner or location of a transferee’s cryptocurrency address. In some cases, the debtor could honestly state that he does not know the identity of the individual who received his cryptocurrency transfers.

For asset protection purposes, a cryptocurrency account currently functions similarly to offshore banking prior to the IRS’s crackdown of anonymous personal foreign accounts.  Today, it is almost impossible for U.S. citizens to establish an anonymous bank account, or any type of bank account, outside of the U.S. With the advent of Bitcoin, a U.S. citizen can open and maintain a financial account that has creditor protection features similar to an offshore bank account in that the Bitcoin account is anonymous and can be maintained outside the geographical jurisdiction of domestic courts. Since block chains are decentralized, they are not subject to any central authority (such as a bank or other financial institution) that might be legally compelled to provide a court with access or control over assets in its possession. Without the complete private key, no court or legal authority can manipulate ownership of a block chain asset.

At the moment, creditors face obstacles of identifying potential defendants and the international nature of the transaction.  Properly selected offshore fiduciaries holding accounts are unlikely to become subject to the jurisdiction of a court where a defendant may be sued.  Absent jurisdictional authority, a court is powerless to compel the fiduciary to turn over assets. Similarly, a US court could try to compel the party to turn over the account or information about the transaction. The court’s contempt powers could be used to coerce compliance. Arrest and incarceration can be utilized. See In Re Lawrence, 279 F.3d 1294,1300 (11th Cir. 2002); FTC v. Affordable Media Inc., 129 F.3d 1228, 1229 (9thCir. 1999). But, on cruel and unusual punishment grounds, incarceration cannot be imposed forever. If the asset is more important than personal freedom, a court’s power of compliance is limited.

There are two equitable remedies that exist under English common law which could be flexibly applied to these evolving transactions. One existing remedy is the equitable pre-trial discovery device known as a Norwich Pharmacal order requiring third parties to disclose information to potentially identify the wrongdoer, to trace funds and to assist prospective plaintiffs in determining whether a cause of action exists.  (There are five states in the U.S. that also allow for pretrial discovery to identify the wrongdoing.)  Norwich orders, being a flexible tool of equity, could assist in claims involving cryptocurrency transactions.  It may be possible that identification information might come from “know your customer” information given a bitcoin exchange.  Proceedings could be constituted as “the bitcoin holder with the public key number…”  However, the hurdle still exists to identify the wrongdoer.

The second equitable remedy is injunctive relief.  Courts have granted world-wide injunctions, particularly when the impugned conduct is occurring online and globally, such as the internet.  InGoogle Inc. v. Equustete, 2017 SC 34, the Supreme Court of Canada recently held that injunctive relief can be ordered against somebody who is not a party to the underling lawsuit, even if that third party is not guilty of wrongdoing.  Google was ordered to stop displaying search results globally for any Data Link websites.  “The problem in this case, is occurring online and globally.  The internet has no borders; its natural habitat is global.  The only way to ensure interlocutory injunction (order) attain its objection was to have it apply where Google operates – globally.”  Thus, if the third party to the block chain transaction can be identified, there may be a remedy to discover information and wrongdoing.

Therefore, courts will need to apply not only new remedies, but expand existing ones.  While the identities of the buyer and seller are encrypted, a transaction record is maintained on the public ledger. In the future, anti-money laundering laws and cryptocurrency exchanges may require the collection of personal data of customers. Until then, the challenge of recovery will require creativity and experience.

 

© Horwood Marcus & Berk Chartered 2018.
This post was written by Eric (Rick) S. Rein from Horwood Marcus & Berk Chartered.

Climate Change and Trends in Global Finance

On December 12, French President Emmanuel Macron, joined by President of the World Bank Group, Jim Yong Kim and the Secretary-General of the United Nations, António Guterres, hosted the One Planet Summit highlighting public and private finance in support of climate action. The summit’s focus centered on addressing the fight against climate change and ensuring that climate issues are central to the finance sector.

The summit’s most notable event was perhaps the announcement that insurance giant Axa would be dumping investments in and ending insurance for controversial U.S. oil pipelines, quadrupling its divestment from coal businesses, and increasing its green investments fivefold by 2020. Axa’s plans echo those of BNP Paribas, who, in mid-October, announced that it would terminate business with companies whose principal activities involve exploration, distribution, marketing, or trading of oil and gas from shale or oil sands. The bank also ceased financing projects that are primarily involved in the transportation or export of oil and gas. These moves themselves follow controversy over the Dakota Access pipeline in the U.S. from mid-March that resulted in ING’s $2.5 billion divestment in the loan that financed the pipeline.

These measures prefigure what might be a more conspicuous trend of large institutional investors moving more rapidly away from fossil fuel investments and into green investments. In mid-December, the World Bank said it would end all financial support for oil and gas exploration by 2019. Around the same time, New York Governor Andrew Cuomo revealed a plan for the state’s common retirement fund, with over $200 billion in assets, to cease all new investments in entities with significant fossil-fuel related activities and to completely decarbonize its portfolio. Recently, HSBC pledged $100 billion to be spent on sustainable finance and investment over the next eight years in an effort to address climate change. Additionally, JP Morgan Chase committed $200 billion to similar clean-minded investments, Macquarie acquired the UK’s Green Investment Bank, and Deutsche Bank and Credit Agricole both made exits from coal lending. As the landscape of global finance shifts, it will be important to monitor how funds, banks, and insurers address the issues related to climate change.

 

©1994-2017 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.