On November 8, 2021, New York Governor Kathy Hochul signed a bill into law (the “Law”) that will require employers to provide written notice to employees before engaging in electronic monitoring of telephone, email, and internet access or usage. The Law will take effect on May 7, 2022. Key takeaways are summarized below.
Continue Reading New York State Employers to Require Transparency in Electronic Monitoring
On January 6, 2021, a bipartisan group of New York State lawmakers introduced Assembly Bill 27, the latest version of proposed privacy legislation that would allow consumers to sue companies for improperly using or retaining their biometric data. Better known as the Biometric Privacy Act (the “BPA”), the bill, if enacted, would impose significant compliance requirements for companies handling biometric data. The BPA would make New York State only the second state with a private right of action that includes statutory damages against entities that improperly use or retain biometric data. If the BPA is signed into law, it would likely bring a flood of class action litigation, similar to that seen in Illinois under Illinois’ Biometric Information Privacy Act (the “Illinois BIPA”).
Continue Reading New York Proposes Biometric Privacy Act With Private Right of Action
On November 19, 2020, the California Occupational Safety and Health Standards Board unanimously adopted emergency temporary standards on COVID-19 prevention in the workplace. For much of the pandemic, California’s Division of Occupational Safety and Health (“Cal/OSHA”) has advised employers to follow its general and industry-specific guidance on various measures to implement to minimize the risk of employees’ exposure to COVID-19. However, the new emergency standards will be binding and enforceable against nearly all California employers. The emergency standards will become effective immediately on November 30, 2020, if approved as expected by the Office of Administrative Law (“OAL”) after the required 10-day review period. Thus, employers must act quickly to ensure they are in compliance with the new standards and the requirement to prepare and implement a written COVID-19 Prevention Program.
Continue Reading Cal/OSHA Adopts New COVID-19 Emergency Standards Requiring Immediate Action by Employers in California
California voters resoundingly approved Prop 24, also known as the California Privacy Rights Act (“CPRA”) and CCPA 2.0—yet again shaking up California’s privacy laws and making California the epicenter for digital privacy rights in the United States. This article answers questions about how the CPRA changes existing laws and impacts “sensitive personal information” maintained by businesses about their applicants, employees, and independent contractors.
Continue Reading Riding the Privacy Wave: California Privacy Rights Act & Its Impact on Employers
2020 has been a transformative year of everlasting uncertainty and constant change: employee privacy is no exception. California laws impacting employee data are changing yet again. This article highlights what employers need to know about (1) recent amendments to the California Consumer Privacy Act, and (2) what happens if the California Privacy Rights Act is approved by voters on November 3, 2020.
Continue Reading The Only Constant Is Change: How Evolving Privacy Laws Impact Employers
On September 17, 2020, Governor Newsom signed Assembly Bill (AB) 685 into law, establishing new requirements for employers to notify employees and their unions about a potential COVID-19 exposure in the workplace. The new law, which will be in effect from January 1, 2021, until January 1, 2023, also requires employers to report a COVID-19 “outbreak” at the worksite to local health authorities. Further, AB 685 relaxes the pre-citation requirements that the Division of Occupational Safety and Health (“Cal/OSHA”) must follow before issuing a citation for a serious violation related to COVID-19. This article breaks down the various requirements of the new law and identifies potential complications or issues that employers should be aware of when attempting to comply with the new requirements.
Continue Reading Enactment of AB 685 Establishes COVID-19 Exposure Notice Requirements for California Employers and Cal/OSHA Enforcement Changes
Our proximity and “close contact” with other humans is on the front lines in the war against coronavirus. Yet tracking 6 feet of distance from every human we encounter for a 14 day period is nearly impossible without the help of technology like contact-tracing apps. Although many privacy and employment laws designed to protect employee rights have been temporarily relaxed during the pandemic, employers must consider and resolve employee privacy issues created by contact-tracing apps. As businesses forge roadmaps to reopen, these apps offer innovative solutions to meet legal requirements imposed by OSHA and Centers for Disease Control. This article explores what employers need to know about contact-tracing apps including how they work, the laws that govern, the impact to employee privacy, consent, and ways to mitigate risk associated with contact-tracing apps.
Continue Reading Up Close & Personal: Contact-Tracing Apps & Employee Privacy
On May 4, 2020, California Governor Gavin Newsom announced that the state would begin the process of allowing various businesses to reopen physical locations as part of a four-phase plan that seeks to gradually re-establish business operations in light of the ongoing COVID-19 pandemic. While a welcome sign for many businesses and employees, the phased re-opening of California brings about a flurry of return-to-work issues, one of which is how businesses can reduce the number of physical touch points in the workplace.
Continue Reading The California Data Privacy Implications of Using Facial Recognition in the Wake of the COVID-19 Pandemic
For the first time, the Supreme Court has agreed to review the Computer Fraud and Abuse Act (CFAA). The Court’s initial review of the CFAA comes in the wake of a federal circuit split as to whether the statute can only be deployed against hackers and unauthorized users of electronic systems, or also against authorized users who use the information for unauthorized purposes. The Court’s decision may significantly affect not only how law enforcement uses the CFAA, but also whether civil litigants, such as employers, may use the CFAA to defend against unauthorized employee activities.
Continue Reading U.S. Supreme Court Case Preview—Van Buren v. United States: Does Use of a Computer for an “Improper Purpose” Violate the Computer Fraud and Abuse Act?
To slow the spread of the coronavirus, millions of United States workers are under government orders to stay at home. However, many businesses considered “essential critical infrastructure” continue to operate and their employees are needed to work. Many of those businesses are administering health tests like temperature checks to ensure the health and safety of their workforce and the public. When quarantine restrictions eventually lift, businesses will reopen and employers may choose to screen employees before returning to work. In a question and answer format, this article discusses the intersection of laws that require employers to maintain a safe work environment with an employee’s right to privacy.
According to the World Health Organization, the primary symptoms of coronavirus include fever, tiredness and dry cough. Other reported symptoms may include shortness of breath, aches and pains, sore throat, nausea, runny nose and loss of smell or taste. Temperature checks are currently the most common form of workplace testing. As we learn more about the virus, other forms of inquiries or testing may arise.
Continue Reading Employee Privacy Forecast: Temperature Checks
Transparency and communication are cornerstones of a successful relationship—and the employment relationship is no exception. The California Consumer Privacy Act (“CCPA”) came into effect on January 1, 2020, bestowing two landmark rights on California employees, applicants, contractors, emergency contacts, and dependents: (1) the right to notice about what personal information an employer collects and the purpose of collection; and (2) the right to sue with statutory damages if sensitive data is compromised.[1]
Continue Reading The Heart of Employee Rights Under CCPA: Attorney General Modifies Guidance