CLOSE X
RSS Feed LinkedIn Instagram Twitter Facebook
Search:
FMG Law Blog Line

Archive for February, 2019

Ninth Circuit Tightens FCRA Disclosure Requirements

Posted on: February 12th, 2019

By: Matthew Foree

Ninth Circuit Holds Combining State and Federal Disclosures Violates FCRA’s Standalone and Clarity Requirements

The Court of Appeals for the Ninth Circuit recently issued a decision regarding the disclosure requirements under the Fair Credit Reporting Act (“FCRA”).  The FCRA includes certain requirements for employers prior to obtaining a consumer report on a job applicant. For example, employers must provide the applicant a “clear and conspicuous disclosure” that they may obtain such a report “in a document that consists solely of the disclosure.”

The Ninth Circuit took the FCRA’s language literally, prohibiting the employer from including any superfluous information in the disclosure document.  The case at issue, Gilberg v. California Check Cashing Stores, LLC, involved a class action filed by Desiree Gilberg, a former employee of CheckSmart Financial, LLC (“CheckSmart”). Before she began working with CheckSmart, Gilbert signed a disclosure regarding background information, which provided that CheckSmart could obtain her background report and that she had the right to request a copy of the report. The form also included information regarding her right to obtain a copy of the report under various state laws. Gilberg alleged that the disclosure violated the FCRA and California’s state law disclosure statute. The Ninth Circuit agreed and reversed the District Court’s grant of summary judgment to CheckSmart.

The Ninth Circuit interpreted the statute literally by holding that providing other state disclosure information in the disclosure form violated the FCRA’s stand-alone document requirement. The Court held that such “extraneous information is as likely to confuse as it is to inform” and, therefore, does not further the FCRA’s purpose.

The court also held that the disclosure, although conspicuous, was not clear. The court focused on the following language of the disclosure at issue:

The scope of this notice and authorization is all-encompassing; however, allowing CheckSmart financial, LLC to obtain from any outside organization all manner of consumer reports and investigative consumer reports now and, if you are hired, throughout the course of your employment to the extent permitted by law.

Among other things, the court recognized the lack of clarity in the first part of the sentence and the typographical error in the second part of the sentence, which lacked a subject and was incomplete. Therefore, it determined that this provision contained “language that a reasonable person would not understand.” The court also held that the disclosure would confuse a reasonable reader because it combined federal and state disclosures.

According to the Gilberg decision, employers in the Ninth Circuit cannot include disclosures required by other state laws in the same document that contains the FCRA disclosure. The obvious result of the decision will be the increase in documentation driven by separate disclosure statements. Although it is unclear whether other courts will adopt the Ninth Circuit’s holdings, employers would do well to revisit their forms to ensure compliance. Given the court’s position that language that would confuse a “reasonable person” would violate the clear and conspicuous requirement, employers should also ensure that their disclosures are clear.

If you have any questions or would like more information, please contact Matthew Foree at (770) 818-4245 or [email protected].

City Hacks – Atlanta’s 2018 Cyberattack and the Growing Need for Cyber Liability Insurance

Posted on: February 12th, 2019

By: Matthew Weiss

Already a growing area of liability insurance for businesses, the importance of cyber insurance for local governments came to the forefront last March when the City of Atlanta suffered a malware attack in which its computer networks were hijacked by hackers seeking a ransom equal to $51,000 in bitcoin. The cyberattack left the City unable to perform basic services, including processing tickets in municipal court and providing Wi-Fi service at Hartsfield-Jackson International Airport. At one point, city employees were advised not to even turn on their computers.

While Atlanta’s cyberattack made national headlines, the role that cyber insurance played in its response has been largely undocumented. The City holds a cyber insurance policy with AIG, and the total cost associated with the cyberattack is believed to have approached $5 million.

Although Atlanta redacted key details of its cyber insurance policy, including its coverage limits, in response to press inquiries, the State of Georgia has acknowledged that it holds a $100 million cyber insurance policy, the largest of any state, covering more than 100 state agencies including every branch of state government except higher education. The policy was put to use when the Georgia Department of Agriculture’s computer system was infected by malware in December 2017, compromising the department’s computer system, including employee email and internal operation servers. The cost of the state’s response to the malware attack exceeded its self-insured retention of $250,000.

The recent experiences of the City of Atlanta and the Georgia Department of Agriculture exemplify the growing importance of cyber insurance for state and local governments. Governments are frequently considered prime targets for cyberattacks due to a lack of synchronization of government systems, the lack of harmonization among third-party vendors rendering services to those governments, and a dearth of qualified professionals employed by governments due to the fact that more lucrative careers are available in the private sector. Indeed, governments frequently assign cybersecurity to their IT departments, which are already overburdened and under-resourced. At the same time, as local governments become more digital, the impact of a cyberattack can become highly disruptive to the city’s operations, as the City of Atlanta’s experience showed. In fact, Forbes has reported that Lloyd’s City Risk Index estimates that the risk of cyberattack is the third most consequential threat to Atlanta and other North American cities, with a collective potential impact of more than $93 billion. Given these substantial risks, Lloyd’s concludes that cities and states should better utilize cyber insurance, with a 1% increase in insurance penetration resulting in a corresponding 22% decrease in the risk to taxpayers.

The growing need for cyber insurance among cities, counties, and states melds both the areas of local government law and insurance coverage and is certain to be a major growth area in the near future. Hopefully, Atlanta’s painful learning experience will better prepare other local governments in the months and years to come.

If you have any questions or would like more information, please contact Matthew Weiss at (678) 399-6356 or [email protected].

New Medical Devices and Performance Criteria

Posted on: February 12th, 2019

By: Koty Newman

The Food and Drug Administration (“FDA”) recently issued final guidance (the “Guidance”), providing a framework for its new Safety and Performance Based Pathway for its updated 510(k) process. Section 510(k) of the Food, Drug and Cosmetic Act requires medical device manufacturers to notify the FDA of their intent to market a medical device. Notification enables the FDA to determine if the product is equivalent to a device already on the market, which by extension, helps the FDA determine if the device is at least as safe and effective as the already marketed device.

The FDA’s Safety and Performance Based Pathway evidences the FDA’s recognition that it may be less burdensome for device manufacturers to show a new device’s substantial equivalence to a predicate device by demonstrating that the new device meets certain performance criteria, rather than directly testing the new device against a predicate device. Thus, “[i]nstead of reviewing data from direct comparison testing between the two devices, FDA could support a finding of substantial equivalence based on data showing the new device meets the level of performance of appropriate predicate device(s),” the Guidance states. In order to discern the requisite performance criteria, manufacturers should look to descriptions in FDA guidance, FDA-recognized consensus standards, and special controls.

The Guidance states that the “FDA believes that use of performance criteria is only appropriate when FDA has determined that (1) the new device has indications for use and technological characteristics that do not raise different questions of safety and effectiveness than the identified predicate, (2) the performance criteria align with the performance of one or more legally marketed devices of the same type as the new device, and (3) the new device meets all of the performance criteria.” Further, a manufacturer may use this program only if the manufacturer can rely entirely on performance criteria to demonstrate substantial equivalence. The FDA will still require that a manufacturer identify a predicate device in order for the FDA to determine the relevant intended use and technological characteristics decision points.

The FDA will maintain a list of device types that are appropriate for the Safety and Performance Based Pathway on its website, along with other information that will be helpful for manufacturers intending on navigating this particular Pathway, such as “guidances that identify the performance criteria and testing methods recommended for each device type.”

This policy represents an expansion of the long-applied approach by the FDA, giving device manufacturers an additional pathway to demonstrate substantial equivalence. For the manufacturers who cannot, or prefer not to, rely on this Safety and Performance Based Pathway, direct comparison with a predicate device will remain available to determine whether the new device is substantially equivalent to a predicate device.

The FDA is also seeking public comment on questions such as whether it should make public a list of devices or manufacturers who make products that rely on older predicates, such as predicates that have been on the market for ten-or-so years, and whether there are actions the FDA could pursue to promote the use of more current predicates. The public will have until April 22, 2019 to comment.

If you have any questions or would like more information, please contact Koty Newman at (678) 996-9122 or [email protected].

As Commerce Moves Online, the Americans with Disabilities Act Follows

Posted on: February 11th, 2019

By: Natalie Pulley

Does the Americans with Disabilities Act, requiring accessibility in public accommodations, apply to a business’ online presence? The Eleventh Circuit has weighed in on the issue, finding in Dennis Haynes v. Dunkin’ Donuts LLC that the ADA applies online.

In Dennis Haynes, the plaintiff is blind and relies on screen reading software. He attempted to go on the website for Dunkin’ Donuts but the website was not compatible with his, or any, screen reading software. The plaintiff sued Dunkin’ Donuts, LLC, claiming that it violated Title III of the Americans with Disabilities Act by not maintaining a website compatible with screen reading software. He alleged that the inaccessibility of Dunkin’ Donuts’ website has denied blind people the ability to enjoy the goods, services, privileges, and advantages of Dunkin’ Donuts shops.

The Eleventh Circuit agreed with his position and found that a website must comply with ADA requirements. The court found that a website is a service that facilitates the use of brick and mortar shops, which are places of public accommodation. Further, the court found that the ADA is clear that whatever goods and services the business offers as part of its public accommodation, it cannot discriminate against people on the basis of a disability, even if those goods and services are intangible. This opinion sides with a federal court ruling from Florida, which ruled that a supermarket chain could be liable under the statute for operating an inaccessible site.

While there is no blanket requirement of any specific auxiliary aides on corporate websites, the proliferation of website lawsuits presents a risk of liability. Corporations should take proactive steps to ensure that their websites are accessible to those with hearing, muscular, and visual impairments.

If you have any questions or would like more information, please contact Natalie Pulley at [email protected].

Haynes v. Dunkin’ Donuts, Ltd. Liab. Co., 741 F. App’x 752 (11th Cir. 2018)
Gil v. Winn-Dixie Stores, Inc., 257 F. Supp. 3d 1340 (S.D. Fla. 2017)

 

 

 

Latest Update on the H-1B Visa Application Process

Posted on: February 11th, 2019

By: Layli Eskandari Deal

The U.S. Department of Homeland Security (DHS) has issued a final rule implementing changes to the H-1B visa program for petitions filed under the H-1B cap (better known as the H-1B visa lottery).

The rule reverses the order whereby USCIS selects H-1B petitions for the standard allotment of 65,000 visas and the 20,000 visas allocated for the advanced-degree exemption. It also adds an electronic registration requirement for petitioners seeking to file H-1B cap-subject petitions. The final rule is scheduled to become effective on April 1, 2019.

Under the reverse selection process, USCIS will first select H-1B petitions for the general allotment of 65,000 visas. Then USCIS will select from the remaining petitions a number estimated to reach the advanced degree exemption. The reverse selection rule applies to petitions filed for the FY 2020 H-1B cap season (this year). The agency expects the lottery reversal to increase the number of individuals selected who possess an advanced degree from a U.S. institution.

The rule also implements an electronic registration requirement for H-1B cap-subject petitions which DHS has postponed until next cap season (FY 2021). Once implemented, it will require those seeking to file H-1B cap petitions to first electronically register with USCIS. Only petitioners whose registrations are selected will then be able to file an H-1B cap-subject petition.

For additional information related to this topic and for advice regarding how to navigate U.S. immigration laws you may contact Layli Eskandari Deal of the law firm of Freeman Mathis & Gary, LLP at 770.551.2700 or [email protected].