Amazon’s Alexa, Google devices such as Google Assistant and Google Home, Apple’s Siri, and Microsoft’s Cortana are now commonplace in many homes. These devices and other lesser-known counterparts allow users to control nearly everything in their homes with only their voice. That convenience, however, comes at the cost of some degree of privacy. While seldom viewed as presenting a live microphone inside one’s home or office, these otherwise passive listening devices begin recording upon initiation of a verbal cue. While the use (or even presence) of such voice assistants may present privacy concerns when used in consumers’ homes, with millions of people working remotely across the world due to COVID-19, these potential privacy concerns can quickly escalate to a much broader concern, especially for attorneys, who, as we discussed earlier, are bound to maintain confidentiality regarding information concerning the representation of their clients. But this concern extends far beyond “just” attorneys, because so many business dealings involve the exchange of confidential information. What one thinks of as a private or confidential discussion with a business partner is now taking place at home, perhaps with others around, but all too frequently in close proximity to these devices. Continue reading “Privacy Takes Many Forms”
Written by Susan Kohn Ross
The U.S. is working closely with Mexico and Canada to ensure North America has a coordinated approach to combating the pandemic caused by COVID-19, and mitigating any further spread. The United States and Canada have agreed to restrict travel at the land border to essential travel only (details regarding those travel restrictions can be found here and here). In a similar fashion, the United States and Mexico are finalizing an agreement that will facilitate only essential travel at the U.S. southern border. The three countries are maintaining cross-border activities that support health security, commerce, supply security, trade, and other essential activities, while taking prudent steps to protect citizens and to limit spread of the virus. The stated goal of these efforts is to help save lives. As such, these restrictions are in place indefinitely. Continue reading “North America, Bordered Up”
Cybersecurity Concerns with Remote Work
While likely not the first topic that comes to mind amidst a global pandemic, organizations and businesses that now find themselves entirely (or almost entirely) remote would be remiss not to consider the potential data and cybersecurity issues raised by this sudden and unexpected shift to remote work. For much of the country, COVID-19 has resulted in an abrupt shift in the way we work. Even for those businesses that maintained robust work-from-home policies and systems, this shift presents a learning curve. The more traditional data and cybersecurity concerns ever-present in normal business operations are compounded by the difficulties presented by an extensive remote workforce. Preoccupied remote workers can be more susceptible to online threats such as phishing emails or malware and ransomware, thereby “opening the door” and providing unauthorized access to bad actors. The other, often lesser considered concern is accidental disclosure of confidential business information. Continue reading “Careful With The Remote”
Are Your Employees Telecommuting Now? COVID-19 and Cybersecurity Concerns for Businesses
A topic of immediate concern to businesses that has not received a great deal of attention (but should) is cybersecurity. There are unscrupulous people out there who will try to take advantage of the situation! This is especially worrisome with the increased usage of telecommuting to facilitate business continuity.
Within the Dept. of Homeland Security sits the Cybersecurity and Infrastructure Security Agency or CISA which is “responsible for protecting the Nation’s critical infrastructure from physical and cyber threats.” CISA, through its National Cyber Awareness System, released Defending Against COVID-19 Cyber Scams, see here for the full text. In short, beware of emails with malicious attachments and hyperlinks. Also be careful about social media pleas, texts and calls having to do with COVID-19.
The NCAS recommends:
The situation surrounding COVID-19 is, to the say the least, fluid and scary. The ultimate outcome of the disruption to the business community is also unclear. There are nonetheless a couple of topics we can talk about right now with some degree of certainty on which businesses may want to focus as we all struggle to deal with the very human toll of this pandemic. One is employee privacy and is addressed in this edition. The cybersecurity topics worthy of immediate attention will be covered in a subsequent blog post.
We start here with the confidentiality obligation of employers regarding information about the health of their employees. If someone on your staff becomes infected, as a general proposition, as the employer, you may not share that information with other employees. The Centers for Disease Control published an Interim Guidance for Businesses and Employers, and stated: “If an employee is confirmed to have COVID-19, employers should inform fellow employees of their possible exposure to COVID-19 in the workplace but maintain confidentiality as required by the Americans with Disabilities Act.” Since COVID-19 has spread to many different countries, the privacy laws in those countries also need to be considered. For example, the European privacy law – the GDPR – addresses privacy around health data, plus local public health authorities in those countries will have their own protocols to follow.
There are a bunch of other things going on when it comes to international trade, but the most concerning topic right now is the coronavirus or COVID-19. From a purely business continuity perspective, we are receiving lots of inquiries around the following question: “Can we get out of our contracts by invoking the force majeure clauses?” Such a clause allows parties to cancel contracts when events occur which are both beyond their control but also totally unexpected. A typical illustration would be an “Act of God.” First, make sure your contract includes a force majeure clause, because if not, that could present a significant uphill and costly battle. Given the widespread losses which are likely to result, it is reasonable to anticipate companies of any size will, so to speak, “stick to their guns” in trying to “spread the pain.”
Assuming such a clause is present in your contract, what does it say? An example of one recently presented includes among its examples: “… strikes, riots, floods, storms, earthquakes, fires, power failures, natural disasters, pandemics, insurrection, acts of God, or for any cause beyond the control of” the named party. Is that language sufficient to permit cancellation under the current circumstances of the COVID-19 outbreak? Probably so, since it mentions pandemics and the World Health Organization has labeled the outbreak as such, but would this language have been broad enough to cover the situation a month ago? Maybe not. Continue reading “COVID-19 and the Trade Community”
On March 11, 2020, the California Attorney General (CA AG) issued additional revisions to the proposed regulations implementing the California Consumer Privacy Act (CCPA). The CA AG published a redline against the earlier proposed regulations highlighting the latest changes. A copy can be found here. The latest modified draft regulations are subject to a public comment period which ends on March 27, 2020, at 5:00 p.m. (PDT). Information about where to submit comments can be found at the end of this Alert.
While many of the latest changes consist of technical corrections or clarifications, there are some significant modifications, all are effective on July 1, 2020. Below, we summarized the key changes: Continue reading “CCPA: More Regulatory Changes Proposed”
The California Consumer Privacy Act (“CCPA”) took effect on January 1, 2020. In October 2019, the California Attorney General (“CA AG”) published proposed regulations. In the lead up to January 1, 2020, the CA AG repeatedly made the point that those subject to the CCPA should plan for compliance with its broad principals by the first of the year, while admitting enforcement would not start until the regulations were final, meaning July 1, 2020. As part of this process, the CA AG advised he did not expect there to be significant changes to the regulations between October and July. However, upon receiving comments to those October proposed regulations, he changed his mind and on February 7, 2020 revised regulations were issued. A subsequent notice on February 10, 2020 corrected the earlier publication, which omitted certain updates.
To be clear, some of the changes were long awaited (such as what the “Do Not Sell My Personal Data” button looks like), while others were unexpected (such as the change to the training requirement by raising the level of records from four million to ten million). This Alert will summarize the key proposed changes. Continue reading “New Revisions to the CCPA”
On January 31, 2020, President Trump issued Executive Order 13904 (“EO”) entitled “Ensuring Safe & Lawful E-Commerce for U.S. Consumers, Businesses, Government Supply Chains, and Intellectual Property Rights.” It begins by stating that e-commerce is “being exploited by traffickers to introduce contraband into the United States, and by foreign exporters and United States importers to avoid applicable customs duties, taxes and fees.” The types of malfeasance cited are counterfeit goods, narcotics (specifically synthetic opioids, such as fentanyl), and other contraband, plus, of course, protection of the revenue. The focus of the EO is on express consignment operators, carriers, hub facilities, international posts, customs brokers and e-commerce platform operations (the “Regulated Parties”). Anyone who participates in the “introduction or attempted introduction” of parcels containing contraband can be held accountable with accountability taking the form of both civil and criminal consequences, as appropriate. The EO goes on to state that CBP’s suspension and debarment procedure will form the framework through which these actions will be carried out. Suspension and debarment apply in the context of doing business with the government, such as government contracts, subcontracts, grants, loans and other assistance programs.
China and the U.S. signed the so-called Phase 1 deal on January 15, 2020. Much has been said in the general press and elsewhere about this deal. What does it really accomplish for international traders?
First, there is nothing said about the tariffs imposed by either the U.S. or China. White House briefers did say the tariff on the goods on List 4A would be reduced soon, and a pre-publication version of the proposed Federal Register notice was published on January 16, 2020. It can be found here. Those tariffs will be reduced from 15% to 7.5% on February 14, 2020. When it came to the tariffs China has imposed, no one has any idea what specifically will happen, only that given the commitments made by China, those tariffs will have to come down. Exactly when is anyone’s guess. Continue reading “China – U.S. Phase 1 Deal: Is It Enough?”