Workforce Bulletin

Under the Biden Administration, the Securities and Exchange Commission has aggressively enforced its Whistleblower Program.  As we previously reported here and here, the SEC has increased its focus on employers’ agreements or procedures that it contends interfere with employee access to the SEC.  More recently, the SEC has for the first time turned its attention toward employer compliance programs with draconian results for employers whose internal compliance efforts do not pass muster.  Specifically, on February 3, 2023, the SEC announced a dizzying $35 million fine against Activision Blizzard, Inc. (“Activision”), a video game developer, largely for failing to implement an effective compliance system to process and track workplace misconduct complaints.  Activision’s fine also included a violation for including a “Notice Clause” in the separation agreement template that it used between 2016 and 2021.  We discuss each violation below and what this means for SEC-regulated employers going forward.

As featured in #WorkforceWednesday:  This week, we’re detailing how self-remediation can help health care employers avoid whistleblower retaliation lawsuits following company downsizing.

We’re also bringing you a breaking news story on the $35 million settlement Activision Blizzard agreed to pay the U.S. Securities and Exchange Commission (SEC).

The California Privacy Protection Agency Board (the “Board”) held a public meeting on February 3, 2023, adopting and approving the current set of draft rules (the “Draft Rules”), which implement and clarify the California Consumer Privacy Act of 2018 (“CCPA”) as amended by the California Privacy Rights Act of 2020 (“CPRA”). The Draft Rules cover many CCPA requirements, including restrictions on the collection and use of personal information, transparency obligations, consumer rights and responding to consumer requests, and service provider contract requirements. At the meeting, the Board also addressed additional proposed rulemaking processes concerning cybersecurity audits, risk assessments, and automated decision-making. 

On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for using advertising technologies on its websites and mobile app that resulted in the unauthorized disclosure of consumers’ personal and health information to advertisers and other third parties. On the same day, the U.S. Department of Justice, acting on behalf of the FTC, filed a Complaint and Proposed Stipulated Order detailing the FTC’s allegations and the terms of the proposed settlement. 

In December 2022, New Hampshire opened enrollment to private employers in the Nation’s first voluntary paid family and medical leave insurance program, aptly named the Granite State Paid Family Leave Plan (Granite State Plan or NH PFML). The Granite State Plan, which was initially introduced in 2019 as part of a failed joint proposal with Vermont – the Twin State Voluntary Leave Plan – was enacted in 2021. Vermont has since adopted a similar voluntary program.

On January 26, 2023, a Michigan appellate court panel in Mothering Justice v. Attorney General issued a ruling to halt changes to the State’s paid sick leave law and an increase to the State’s minimum wage for hourly workers that were set to go into effect on February 19, 2023. The ruling is the latest development in a saga that has been ongoing for more than four years.

On January 1, 2023, Washington joined the growing list of states requiring pay transparency in job postings. Amendments (the “Amendments”) to the Washington State Equal Pay and Opportunities Act (the “EPOA”) require covered employers to disclose pay range, benefits, and other compensation in job postings. The Washington Department of Labor and Industries issued an administrative policy (the “Guidance”) to provide guidance regarding the broadened disclosure requirements.

On January 26, 2023, the National Institute of Standards and Technology (“NIST”) released guidance entitled Artificial Intelligence Risk Management Framework (AI RMF 1.0) (the “AI RMF”), intended to help organizations and individuals in the design, development, deployment, and use of AI systems. The AI RMF, like the White House’s recently published Blueprint for an AI Bill of Rights, is not legally binding. Nevertheless, as state and local regulators begin enforcing rules governing the use of AI systems, industry professionals will likely turn to NIST’s voluntary guidance when performing risk assessments of AI systems, negotiating contracts with vendors, performing audits on AI systems, and monitoring the use AI systems.

While most people were wrapped up in the inevitable hustle and bustle of the holidays, Vermont Governor Phil Scott announced the Nation’s second voluntary paid family and medical leave program, the Vermont Paid Family and Medical Leave Insurance Plan (VT FMLI). Initially part of a failed joint proposal with New Hampshire – the Twin State Voluntary Leave Plan – the VT FMLI largely mirrors New Hampshire’s Granite State Paid Family Leave Plan by establishing a State insurance program in which private employers and individuals may voluntarily participate.

As featured in #WorkforceWednesday:  The SECURE 2.0 Act of 2022 (“SECURE Act 2.0”) is a sweeping piece of retirement legislation with complex new provisions. This week, we highlight a few of the SECURE Act 2.0’s key changes for employer-sponsored 401(k) plans.