Legislation Archives

Reminder to New Jersey employers to provide required CEPA notice

New Jersey employers with 10 or more employees are reminded of their annual obligation to provide to their employees, in both English and in Spanish, the required notice under the Conscientious Employee Protection Act (the “CEPA”). The notice may be distributed in hard copy or electronic format, but having only a poster or a policy in a handbook does not fulfill an employer’s notice obligation under the CEPA.

Enacted in 1986, this anti-retaliation statute is known as New Jersey’s Whistleblower’s Act. The goal of the CEPA is to encourage whistleblowers to report wrongdoing to their employers without fear of reprisals. Overall, CEPA provides a broader range of protections and remedies than other similar statutes, such as the federal False Claims Act.

December 9th, 2013|Categories: Employment Decisions, Legislation|Tags: New Jersey, whistle blower|

New law prohibits North Carolina employers from asking about expunged records

Effective December 1, 2013, employers in North Carolina will not be able to ask job applicants about arrests, criminal charges, or convictions that have been expunge SB 91 prohibits inquiries into expunged matters both on applications and during interviews, and was enacted to clear the public record of any arrest, criminal charge, or conviction that was expunged so that the subject is legally entitled to withhold all information about it from potential employers and others. Notably, employers will still be allowed to ask about arrests, criminal charges, or convictions that have not been expunged and can be found in public records.

October 29th, 2013|Categories: Criminal Activity, Employment Decisions, Legislation|Tags: Criminal Records, North Carolina, SB 91|

California passes two new data privacy laws

Effective January 1, 2014, California will have two new data privacy laws: AB 370, which mandates disclosure of “do not track” and other tracking practices in online privacy policies, and SB 46, which amends the state’s data security breach notification law.

AB 370 adds to the California Online Privacy Protection Act (“CalOPPA”) a requirement for companies that collect personally identifiable information online to include disclosures regarding (1) how they respond to a web browser’s “do not track” (DNT) signal, and (2) if third-parties can collect personal information across a network of sites. The law does not require websites to honor browser DNT signals or block third-party tracking; it simply tries to increase transparency about the site’s practices.

SB 46 adds a new category of data triggering California’s breach notification requirements, to wit: “a user name or e-mail address, in combination with a password or security question and answer that would permit access to an online account.” The new law requires notification of unauthorized access to user credential information even if that information is encrypted.

October 25th, 2013|Categories: Legislation, Privacy|Tags: California, CalOPPA, Privacy|

Tenant screening laws update: passing background check costs to the applicants

The states of Washington and Oregon recently enacted laws in connection with tenant screening. Among the provisions in both Washington’s RCW §59.18.257 and Oregon’s OAS §90.295, is that the entire cost of the background check can be charged to the applicant, if the screening is performed by a consumer reporting agency (“CRA”). However, if the landlord conducts the background check, it may not charge in excess of the customary fees of the CRAs in its geographical area.

Notably, California’s Civil Code §1950.6(b) provides that a landlord cannot charge (or pass-through) to the applicant more than $30 for a background check. This application screening fee may be adjusted annually by the landlord or its agent commensurate with an increase in the Consumer Price Index. (The current adjusted amount is $41.50.)

September 12th, 2013|Categories: Commercial Transactions Due Diligence, Legislation|Tags: California, Oregon, Washington|

New regulation in the UK mandates licensing of private investigators

Presented to the Parliament by the Secretary of State for the Home Department by Command of Her Majesty on July 31, 2013, the new regulation, which will take effect next year, makes operating as an unlicensed private investigator in the United Kingdom a criminal offense. Licenses will be granted by the Security Industry Authority only when an applicant has successfully completed training and achieved a government-recognized qualification, including an understanding of relevant laws and standards, and the skills required to conduct activities ethically; has confirmed his/her identify; and has passed a criminal background check.

September 12th, 2013|Categories: Legislation|Tags: Security, UK|

Illinois amends its password protection law to exclude financial services firms

In August 2013, Illinois passed an amendment to its existing password protection law that lifts restrictions for financial services firms, enabling them to monitor their employees’ business-related social media communications. Effective January 1, 2014, the law will no longer apply when an employer requests access to a “professional account” to “monitor or retain employee communications as required under the state’s insurance or federal law or by a self-regulatory organization. The amendment also permits Illinois employers to seek access to a professional account when the employer has “a duty to screen applicants or employees prior to hiring.”

September 12th, 2013|Categories: Legislation|Tags: Financial Services, Illinois, Social Media|

New Jersey enacts law for social media password protection

Continuing a nationwide momentum of restricting employers’ access to personal social media content of applicants and employees, in August 2013, New Jersey passed Act 2878 joining eleven other states (Maryland, Illinois, California, Michigan, Utah, New Mexico, Arkansas, Colorado, Washington, Oregon, and Nevada) with similar laws. Dozens more states and the U.S. Congress are considering comparable legislation. New Jersey’s new law, which becomes effective December 1, 2013, prohibits employers from asking or requiring that applicants or employees “provide or disclose any user name or password, or in any way provide the employer access to a personal account through an electronic communications device.”

September 12th, 2013|Categories: Legislation|Tags: Employment Decisions, Social Media|

California passes bill that would require policy disclosures for “do not track”

On August 28, 2013, the California State Senate and Assembly passed AB 370, to amend the California Online Privacy Protection Act (CalOPPA) that would require operators of commercial websites or “online services” accessible to California residents to disclose how the site responds to “do not track” (DNT) browser settings, which in turn will trigger enforceability by federal and state authorities. The amendment is expected to be signed by Governor Jerry Brown.

September 12th, 2013|Categories: Legislation|Tags: CalOPPA, Privacy|

FINRA is spot-checking social media communications

In posting a Targeted Examination Letter (often referred as a sweep letter) on its website earlier this month, FINRA invoked Rule 2210(c)(6), which states that each FINRA firm’s written (including electronic) communications are subject to a periodic spot-check procedure.

FINRA’s sweep letter seeks, among other things, an explanation of how the firm is using social media at the corporate level in conducting its business; the identity of all individuals who post and/or update content; how the firm’s registered representatives and associated persons generally use social media to conduct the firm’s business; written supervisory procedures concerning the production, approval and distribution of social media communications; the measures to monitor compliance with the firm’s social media policies; and a tabular list of the firm’s top 20 producing registered representatives (based on commissioned sales) who used social media for business purposes to interact with retail investors.

June 27th, 2013|Categories: Legislation|Tags: FINRA, Social Media|

Virginia takes workers’ privacy to a new level

Starting July 1, 2013, new Virginia Code §40.1-28.7:4 provides that “employers shall not, unless a listed exemption applies, be required to release, communicate, or distribute to a third-party, any current or former employee’s personal identifying information.”

In this context, “personal identifying information” is defined as a “home telephone number, mobile telephone number, e-mail address, shift times, or work schedule.” Exceptions permitting the disclosure of such information include requirements of federal laws that supersede state statutes, court orders, judicial warrants or a subpoena in a civil or criminal case. Although there is no penalty, the statute establishes a public policy that endorses protection of the personal identifying information and could be used in a lawsuit against employers.

June 27th, 2013|Categories: Employment Decisions, Legislation|Tags: Employment Decisions, Privacy, Virginia|