FTC Targets Employers Utilizing Worker Surveillance Technologies

March 15, 2024Darius Rohani-Shukla Leave a comment

When used appropriately, worker surveillance technologies like time and attendance software, video surveillance systems, GPS tracking software, and biometric technology can benefit employers in a variety of ways, including by boosting productivity, identifying internal and external cybersecurity threats, and even preventing or responding to workplace accidents. However, employers must be careful that employee monitoring programs do not run afoul of an increasingly wide range of regulators, now including the Federal Trade Commission.

In recent comments, FTC Division of Privacy and Identity Protection Associate Director Benjamin Wiseman outline the Commission’s commitment to protecting worker privacy. The Commission is the nation’s primary privacy regulator and its privacy enforcement tool is Section 5 of the FTC Act, which prohibits unfair, deceptive, and anticompetitive trade practices. In recent years, the Commission demonstrated its willingness to pursue novel technological issues through enforcement actions against companies utilizing AI facial recognition technologies. Wiseman warned that businesses that infringe on worker privacy risk becoming targets of FTC enforcement actions, stating: Continue reading →

Mitigating Cybersecurity Risks to Your Company’s Confidential Information from Exiting Employees [Webinar Recording]

February 21, 2024February 20, 2024Theresa Jordan Leave a comment

On Thursday, February 15, 2024, Kara M. Maciel and Darius Rohani-Shukla presented a webinar covering Mitigating Cybersecurity Risks to Your Company’s Confidential Information from Exiting Employees.

In the modern workplace, keeping track of proprietary information and ensuring its confidentiality has become significantly more challenging due to the prevalence of remote employees, cloud computing, and the comingling of personal and company devices that can access company information. Employers who are not conscientious about maintaining the confidentiality of their proprietary information can threaten the viability of their business moving forward. Exiting employees can more easily than ever attempt to take company information with them, delete essential company documents, or even try to publish proprietary documents in an attempt to destroy their former employer’s competitive advantage.

Participants in this webinar learned about: Continue reading →

[Webinar] Mitigating Cybersecurity Risks to Your Company’s Confidential Information from Exiting Employees

February 6, 2024February 6, 2024Theresa Jordan Leave a comment

On Thursday, February 15, 2024, at 1 p.m. EST, join Kara M. Maciel and Darius Rohani-Shukla for a webinar to cover Mitigating Cybersecurity Risks to Your Company’s Confidential Information from Exiting Employees.

Participants in this webinar will learn about: Continue reading →

Announcing Conn Maciel Carey LLP’s 2023 Labor and Employment Webinar Series

December 19, 2022December 20, 2022Theresa Jordan Leave a comment

Announcing Conn Maciel Carey LLP’s

2023 Labor and Employment Webinar Series

The legal landscape facing employers seems as difficult to navigate as it has ever been. Keeping track of the ever-changing patchwork of federal, state and local laws governing the workplace may often seem like a full-time job whether you are a human resources professional, in-house attorney or business owner. Change appears to be the one constant. As we enter Year 3 of President Biden’s Administration, employers will continue to closely track the changes taking place at the NLRB, the DOL and the EEOC. At the same time, a number of states will continue introducing new laws and regulations governing workplaces across the country, making it more important than ever for employers to pay attention to the bills pending in the legislatures of the states where they operate.

Conn Maciel Carey’s complimentary 2023 Labor and Employment Webinar Series, which includes monthly programs (sometimes more often, if events warrant) put on by attorneys in the firm’s national Labor and Employment Practice, will focus on a host of the most challenging and timely issues facing employers, examine past trends and look ahead at the issues most likely to arise.

To register for an individual webinar in the series, click on the link in the program description below. To register for the entire 2023 series, click here to send us an email request, and we will register you. If you missed any of our programs from the past eight years of our annual Labor and Employment Webinar Series, here is a link to an archive of recordings of those webinars.

California Employment Law Update

Thursday, January 19, 2023

Remote Work Challenges

Wednesday, February 22, 2023

Whistleblower/Retaliation Issues

Tuesday, March 21, 2023

Pay Transparency & Non-Compete Laws

Wednesday, April 20, 2023

Managing Internal Investigations

Thursday, May 11, 2023

Hot Topics in Wage and Hour Law

Tuesday, June 20, 2023

Marijuana and Drug Testing

Tuesday, July 18, 2023

Privacy Issues in the Workplace

Wednesday, September 20, 2023

ADA Reasonable Accommodations

Wednesday, October 18, 2023

Artificial Intelligence in the Workplace

Tuesday, November 21, 2023

NLRB Issues and Joint Employer Update

Thursday, December 14, 2023

See below for the full schedule with program descriptions, dates, times and links to register for each webinar event.

Continue reading →

Preparing for the Virginia Consumer Data Protection Act

August 18, 2022Darius Rohani-Shukla Leave a comment

Beginning June 1, 2023, the Virginia Consumer Data Protection Act (CDPA) will come into effect for Virginia businesses and consumers.

What is the CDPA?

At its core, the CDPA is a data privacy law intended to provide guardrails on how businesses use and store the data of Virginia consumers. Virginia was the second state to pass a state data privacy law after California’s California Consumer Privacy Act (CCPA).

The CDPA will apply to covered businesses that conduct business in Virginia or affect Virginia commerce through targeting products and/or services to Virginia residents. For the CDPA to apply to a company, it must either:

Control or process the personal data of at least 100,000 consumers during a calendar year; or
Process the personal data of at least 25,000 consumers and derive more than 50 percent of their gross revenue from selling personal data.

Personal data in this context includes “any information that is linked or reasonably linkable to an identified or identifiable natural person.”

What are the CDPA requirements?

The CDPA draws on concepts from the California Privacy Rights Act, CCPA, and the General Data Protection Regulation (GDPR) by establishing consumer rights relating to Privacy.

The main areas of the CDPA that businesses should prepare for are as follows:

Continue reading →

Conn Maciel Carey’s 2022 Labor and Employment Webinar Series

January 7, 2022January 7, 2022Theresa Jordan Leave a comment

Announcing Conn Maciel Carey’s 2022 Labor and Employment Webinar Series

The legal landscape facing employers seems as difficult to navigate as it has ever been. Keeping track of the ever-changing patchwork of federal, state and local laws governing the workplace may often seem like a full-time job whether you are a human resources professional, in-house attorney or business owner. Change appears to be the one constant. As we enter Year 2 of President Biden’s Administration, employers will continue to closely track the changes taking place at the NLRB, the DOL and the EEOC. At the same time, a number of states will continue introducing new laws and regulations governing workplaces across the country, making it more important than ever for employers to pay attention to the bills pending in the legislatures of the states where they operate.

Conn Maciel Carey’s complimentary 2022 Labor and Employment Webinar Series, which includes monthly programs (sometimes more often, if events warrant) put on by attorneys in the firm’s national Labor and Employment Practice, will focus on a host of the most challenging and timely issues facing employers, examining past trends and looking ahead at the issues most likely to arise.

To register for an individual webinar in the series, click on the link in the program description below. To register for the entire 2022 series, click here to send us an email request, and we will register you. If you missed any of our programs from the past seven years of our annual Labor and Employment Webinar Series, here is a link to an archive of recordings of those webinars.

2022 Labor and Employment Webinar Series – Program Schedule

Continue reading →

Announcing Conn Maciel Carey’s 2021 Labor and Employment Webinar Series

January 7, 2021Theresa Jordan Leave a comment

The legal landscape facing employers seems as difficult to navigate as it has ever been. Keeping track of the ever-changing patchwork of federal, state and local laws governing the workplace may often seem like a full-time job whether you are a human resources professional, in-house attorney or business owner. Change appears to be the one constant. As President Trump’s Administration comes to an end, employers will continue to closely track the changes taking place at the NLRB, the DOL and the EEOC. At the same time, a number of states will continue introducing new laws and regulations governing workplaces across the country, making it more important than ever for employers to pay attention to the bills pending in the legislatures of the states where they operate. This complimentary webinar series will focus on a host of the most challenging and timely issues facing employers, examining past trends and looking ahead at the issues most likely to arise.

Conn Maciel Carey’s complimentary 2021 Labor and Employment Webinar Series, which includes (at least) monthly programs put on by attorneys in the firm’s national Labor and Employment Practice, is designed to give employers insight into legal labor and employment developments.

To register for an individual webinar in the series, click on the link in the program description below. To register for the entire 2021 series, click here to send us an email request, and we will register you. If you missed any of our past programs from our annual Labor and Employment Webinar Series, click here to subscribe to our YouTube channel to access those webinars.

2021 Labor & Employment Webinar Series – Program Schedule

C alifornia Employment Law Update for 2021

Wednesday, January 20^th

Marijuana, Drug Testing and Background Checks

Tuesday, July 13th

COVID-19 Vaccine: What Employers Need to Know

Thursday, February 11^th

Employee Misconduct Defense & Employment Law

Wednesday, August 11^th

E mployment Law Update in D.C, MD, VA and Illinois

Wednesday, March 24^th

Employee Handbooks, Training and Internal Audits

Tuesday, September 21^st

Withdrawal Liability Pensions

Wednesday, April 14^th

NLRB Update

Tuesday, October 19^th

ADA Website Compliance Issues – Best Strategies for Employers

Tuesday, May 18^th

Avoiding C ommon Pitfalls: Non-Compete, Trade Secrets and More!

Wednesday, November 10^th

W hat to Expect from DOL Under the Biden Admin.

Wednesday, June 16^th

Recap of Year One of the Biden Administration

Tuesday, December 14^th

See below for the full schedule with program descriptions, dates, times and links to register for each webinar event.

Continue reading →

Digital Threats Continue to Confront the Hospitality Industry

February 4, 2019Kara Maciel Leave a comment

shutterstock_217014265 Cybersecurity and digital threats were a hot topic at ALIS Law, a conference for hotel owners and operators, in Los Angeles last month. I had a pleasure of moderating a session on “threats in a digital world” with senior executives from national hotel management and ownership groups. In our session, we discussed what were some of the pressing and most concerning digital threats that kept the hospitality industry up at night. Here are some highlights and take-aways from the session:

Cybersecurity and hacks from foreign and domestic threats remain a top concern. Many hotels have been engaging in surveillance as one method of cyber protection. It was noted how much the investment in technology to prevent, address, and respond to cybersecurity issues has increased for both owners and operators. While owners may bear the cost on their profit & loss statement, and management companies are putting in policies, owners are adding property specific monitoring. It was discussed that one global hotel company, Hyatt Hotels, recently announced a bug bounty program whereby they will be paying ethical hackers to monitor their systems, including mobile applications, for potential risks and where credible risks or threats are found – the hackers will be compensated – which is a novel approach in the hospitality industry.

While cybersecurity threats have been a focus, one repeated concern is the threat of harm to a hotel’s reputation due to guests and third parties spreading false information on social media sites, such as LinkedIn, Yelp, and Trip Advisor. To address these concerns, hotel operators talk with their teams daily about the consequences of false information or a bad review and take steps to remove false reviews if possible. Others noted that removing a false review from a site like Trip Advisor can be challenging unless the company is able to prove that the review was posted for criminal reasons or demonstratively false.

One consequence of a cybersecurity hack beyond the disclosure of guest information is if a hacker was able to secure personal identifiable information of a hotel company’s investors and borrowers. If investors are concerned that a hotel company is not protecting their highly confidential and personal financial information, that would have a significant impact on the reputational harm to the company.

Some of the best practices that owner and operators have put into place is an incident response plan to respond to a threat. In doing so, a key question is who you need at the table to decide how to move forward (IT / GC / PR / Owner) and what elements do you need to put into place. In addition, implementing policies and procedures on the front end is critical. For example, from an accounting perspective, having controls in place that can protect where the money is going and where it is coming from and ensuring that there are multiple approvals before money is sent out electronically. Finally, training staff on the policies and procedures so that the right people are getting the right information. Managers need to judge and reward staff for compliance with the policies because while a company continue to monitor and audit, training is only effective if compliance is monitored. For example, one company reported conducting more secret shoppers to determine whether someone can drop a flash drive into a front desk computer to tap into the network.

Unfortunately, cybersecurity risks and threats are not going away anytime soon, but with planning and focus on this important issue, hotel owners and operators can get ahead of some of the threats and take control and strong action if a risk materializes.