Technology, media, and telecommunications organizations are at the forefront of tackling new challenges in handling employee information and managing employee populations. As legislatures (from the federal level down to states and cities) address how technology impacts today’s new workforce, employers must grapple with changes in managing data—from privacy concerns to the use of artificial intelligence in employment matters—and keeping workers happy, including dealing with wage increases, the rise in union activity, and contingent workers in the #MeToo era. A changing workplace landscape requires creative thinking and outside-the-box solutions.
Expect Increasing Data Privacy, Data Governance, and Cybersecurity Regulatory Activity This Year
States are increasingly moving to fill what they regard as a void in data protection standards at the national level. Certain states—including California and Colorado—are implementing new data privacy and cybersecurity requirements intended to regulate the collection and security of personal information. Washington State proposed legislation, which just passed its State Senate, will, if enacted, broadly adopt data privacy protections similar to the European Union’s General Data Protection Regulation (or “GDPR”). The National Association of Insurance Commissioners adopted a model cybersecurity law, and states such as New York and South Carolina have adopted cybersecurity requirements governing the financial services, insurance, and credit reporting industries. North Carolina and Massachusetts are among the states presently considering enhancing their existing protections; indeed, the proposed Massachusetts legislation would grant a private right of action if violations occur. Federal legislation in the House and Senate is also being discussed to provide wider protection beyond the existing requirements of the Health Insurance Portability and Accountability Act, the Gramm Leach Bliley Act, and other federal laws.
One thing is clear: We are in the midst of a wave of regulatory activity fundamentally impacting data collection and cybersecurity across the nation. Although the requirements vary, there are common themes—transparently collect only the personal data needed for authorized business purposes, limit use to those purposes, and adopt reasonable cybersecurity measures to protect the data collected. A risk assessment of an organization’s cybersecurity and data privacy practices is the first step in achieving compliance. The organization may then make informed risk-based decisions about information security and privacy, including addressing external and insider cybersecurity threats.
As predictive analytics have revolutionized marketing practices in corporate America, companies increasingly apply predictive analytical processes to human resources (“HR”) functions. These “people analytics” techniques promise to efficiently and effectively identify the best candidates for open positions, reduce turnover, and eliminate subjectivity and bias from HR processes. There are, however, several legal risks. For example, these techniques may perpetuate stereotypes and disparately impact certain populations, pose thorny issues for people with disabilities, and must be compliant with emerging domestic and international privacy regulations. When adopting any particular predictive analytical tool, companies should conduct their due diligence, scrutinize the collection and storage of the data, conduct a proper validation study, conduct adverse impact analyses and continuously monitor outputs, and investigate the accessibility of the tool.
The wait is over! The U.S. Department of Labor (“DOL”) issued new proposed regulations for the salary threshold for exempt white-collar workers—$35,308/year ($679/week; currently $455/week). In 2016, the DOL finalized regulations that would have increased the salary basis test threshold to $47,892/year ($921/week), but those regulations were halted by a nationwide injunction. With a change in administrations, the DOL has been reworking the proposal over the past year, seeking input through a “request for information” and listening sessions. Despite the delay from the federal government, states (including New York and California) and cities have moved forward with their own exempt salary thresholds.
An area in which unions have had some of their greatest organizing successes of late has been in digital and interactive media, where they have come to represent writers and editors at a number of high-profile online publications. Over the past several years, the Writers Guild East (“Writers Guild”) and the NewsGuild of New York have successfully organized employees of a significant number of digital and online publications, including Buzzfeed, Splinter, and Gizmodo. The unions are also reporting success in negotiating first contracts.
The organizing activity is now spreading to other new media platforms. The Writers Guild recently announced that it had been recognized by Gimlet Media, a podcast network and reportedly the first podcast network to be organized by a union.
Generally, these employers have agreed to card checks, rather than insisting on National Labor Relations Board elections.
The unions’ organizing success appears to be due to a number of factors, including employees’ desire to improve their wages and benefits and a perceived lack of job security in these new businesses.
Another consideration is the demographics of the workers. Many are comparatively young, well educated, and located in large cities, such as New York and Los Angeles, where there is a relatively high level of union density and presence. According to research by the Pew Research Center, these workers tend to view unions more favorably and are seeking a greater say in how policy is set and decisions are made.
As employers—from start-up and emerging companies to large, enterprise corporations—continue to plan their rollout of mandatory, anti-harassment training programs by October 9, 2019, they should remember this: Contractors are people too.
That is to say that the robust New York State and New York City laws relating to sexual harassment extend not only to employees (full-time, part-time, seasonal, and temporary workers), but may also extend to independent contractors. New York State law explicitly protects contractors from sexual harassment at their worksites.
Under New York City guidance, an employer is required to train independent contractors who have performed work in the furtherance of the business for more than 90 days and more than 80 hours in a calendar year. Employers are not required to retrain independent contractors who have already received the mandated annual training elsewhere. The threshold of 15 “employees” that triggers the New York City training obligation includes contractors.
The extension of the training requirement to contractors makes good sense, grounded in the dual reality that (i) contractors (whether truly independent or through agencies), just like employees, may potentially expose an organization to claims of harassment and discrimination, and (ii) in the era of wage-hour litigation and claims of misclassification, limiting the training requirement to individuals the employer has classified as employees may miss a significant portion of an employer’s workforce. There is a potential unintended consequence: disseminating a mixed message (at best)—or no messaging (at worst)—at a time when clear and consistent messaging on the issues of preventing harassment and discrimination have never been more critical.