New Chapters on Board Governance Available for Sustainable Entrepreneurs

Sustainable entrepreneurs and their advisers are invited to download, read and use the following new additions to the library of governance resources that is being made available through the Sustainable Entrepreneurship Project:

Audit Committee

Compensation and Organizational Development Committee

Finance Committee

Environmental, Health and Safety Committee

Corporate Social Responsibility Committee

Compliance and Risk Management

Technology Committee

Over the next few weeks we’ll be posting articles that include highlights from the materials in these new chapters.

Alan Gutterman is the Founding Director of the Sustainable Entrepreneurship Project, which engages in and promotes research, education and training activities relating to entrepreneurial ventures launched with the aspiration to create sustainable enterprises that achieve significant growth in scale and value creation through the development of innovative products or services which form the basis for a successful international business.  Visit the Project’s Library of Resources for Sustainable Entrepreneurs to download handbooks, guides, articles and other materials relating to sustainable entrepreneurship and keep up with the Project’s activities by following Alan on LinkedIn, Twitter and Facebook.

Issues in Establishing Effective Sustainability Governance

CSR and corporate sustainability are like any other important management initiatives and require proactive leadership from the top of the organization.  In fact, it is clear that the “tone at the top” is an important factor in the success or failure of any CSR or corporate sustainability initiative and the directors and senior executives of the corporation are uniquely positioned to act as external and internal champions of CSR and corporate sustainability and proactively communicate with everyone involved with the organization on a daily basis about the impact of new environmental and socially responsible products and services.  The directors and senior executives must also commit to investing the time and effort necessary to explain the corporation’s CSR and corporate sustainability initiatives to customers and other stakeholders and develop and implement metrics for tracking and reporting progress.  While environmental and social responsibility certainly extends “beyond the law”, directors and officers must be mindful of their fiduciary duties and understand how laws, regulations and standard contract provisions are rapidly evolving to incorporate environmental and social responsibility standards.  Among the issues and activities that will need to be considered in establishing and maintaining effective governance and management processes for CSR and corporate sustainability implementation are the following:

  • Understanding the drivers of enhanced board oversight of sustainability including investors’ expectations as to the role and responsibilities of directors and changing societal beliefs regarding the political and social roles of corporations
  • Understanding how CSR and corporate sustainability is changing the traditional fiduciary duties of directors and officers including the ascendance of the stakeholder-focused model and the introduction of alternative legal architectures for sustainability-oriented businesses
  • Working with the board of directors to integrate environmental and social responsibility into the governance structure and the traditional roles and responsibilities of directors
  • Assisting the board of directors on the design and implementation of an effective framework for board oversight of CSR and corporate sustainability
  • Counseling the board of directors and senior management on the development and implementation of CSR and corporate sustainability commitments and instruments
  • Incorporating reports on CSR and corporate sustainability initiatives into board meetings and understanding how to create effective environmental and social responsibility committees and integrate sustainability into the activities of other board committees
  • Developing job responsibilities for the senior social responsibility officer and designing effective internal organizational structures and systems for managing CSR and corporate sustainability initiatives and programs and supporting CSR and corporate sustainability commitments and expectations such as preparation and distribution of sustainability reports and stakeholder engagement
  • Implementing formal management systems relating to sustainability-related issues and topics based on appropriate standards issued by the International Organization for Standardization (e.g., ISO 14001 (environment); ISO 26000 (social responsibility) and ISO 28000 (supply chain security))
  • Reviewing and modifying job responsibilities and compensation arrangements of executive team members, particularly the chief executive officer, to incorporate CSR and corporate sustainability commitments and attainment of CSR- and sustainability-related performance goals
  • Providing education and training to directors and executive team members on sustainability issues including the creation and management of stakeholder advisor groups and teams of external experts
  • Assisting directors, executive team members and managers and employees within the internal sustainability group with key CSR- and sustainability-related activities such as transparency and disclosure and stakeholder engagement
  • Identifying and counseling directors and officers on ethical issues that will arise as they discharge their duties and responsibilities with respect to CSR and sustainability

This article is adapted from material in Sustainability and Corporate Governance: A Handbook for Sustainable Entrepreneurs, which is prepared and distributed by the Sustainable Entrepreneurship Project and can be downloaded here.


Toward a “Sense of Purpose” for Employees: Investor Engagement on Human Capital Management

BlackRock, a leading global investment manager, provided an illustration of the steps and questions that might be part of institutional investor engagement on an important social issue: “human capital management” (“HCM”).  In his 2018 annual letter to CEOs, the Chairman and CEO of BlackRock wrote that:

“Companies must ask themselves: What role do we play in the community? Are we working to create a diverse workforce? Are we adapting to technological change? Are we providing the retraining and opportunities that our employees and our business will need to adjust to an increasingly automated world?”

BlackRock and other institutional investors have taken note of the importance of recruiting and retaining talented workers as a primary factor in the financial performance of companies and investors realize that business continuity and success is tied to the company’s approach to HCM, a broad topic that includes employee development, diversity and a commitment to equal employment opportunity, health and safety, labor relations, supply chain labor standards and continuously adapting the workplace to take into account rapidly changing technologies.

This article is adapted from material in Governance: A Handbook for Sustainable Entrepreneurs, which is prepared and distributed by the Sustainable Entrepreneurship Project and can be downloaded here.

While traditional human resources activities have often been pigeonholed as a management issue, institutional investors expect directors to be proactively involved in HCM as a natural extension of their duties to oversee the company’s strategy and define the company’s purpose.  Among other things, directors should be prepared to monitor HCM initiatives to ensure that they are aligned with overall strategy and that employees are fully engaged and supportive of the company, its business and goals.  The board should also treat HCM in the same way as other sustainability-related topics, which means constantly looking for risks and opportunities and developing appropriate responses.  Management’s role in HCM is obviously more operational and focused on executing the strategies and initiatives approved at the board level; however, working to bring out the best in the company’s people is arguably the most important of any manager’s day-to-day activities and senior executives should be proactively involved in developing and presenting innovative HCM ideas to the directors and should be forging relationships with employees throughout the organization to demonstrate the company’s commitment to their current contributions and long-term wellbeing.  Directors and managers should all be familiar with, and use, the expanding set of recognized qualitative and quantitative human capital management metrics that are now available to assist companies in gauging the effectiveness of their efforts to positively engage with their employees and disclose the results of those efforts to investors and other stakeholders.

BlackRock made it clear that it intended to back up its public statements on HCM with constructive engagement with directors and executives of its portfolio companies with the goal of building mutual understanding, probing questions and issues to develop effective solutions and sharing information on best practices.  BlackRock’s proposed agenda for discussions with directors on HCM included:

  • Oversight of policies meant to protect employees (e.g., whistleblowing, codes of conduct, EEO policies) and the level of reporting the board receives from management to assess their implementation
  • Processes to oversee that the many components of a company’s HCM strategy align themselves to create a healthy culture and prevent unwanted behaviors
  • Reporting to the board on the integration of HCM risks into risk management processes
  • Current board and employee composition as it relates to diversity
  • Consideration of linking HCM performance to executive compensation to promote board accountability
  • Board member visits to establishments or factories to independently assess the culture and operations of the company

When engaging with management teams, BlackRock suggested that the following topics would be an appropriate starting point:

  • Policies to encourage employee engagement outcomes and key drivers (e.g., wellness programs, support of employee networks, training and development programs, and stock participation programs)
  • Processes for ensuring employee health and safety and complying with occupational health and safety policies
  • Voluntary and involuntary turnover on various dimensions (e.g., seniority of roles, tenure, gender, and ethnicity)
  • Statistics on gender and other diversity characteristics as well as promotion rates for and compensation gaps across different employee demographics
  • Programs to engage organized labor and their representatives, where relevant
  • Systems to oversee matters related to the supply chain (including contingent workers, contractors and subcontractors)

While the recommendations above were intended primarily for engagement between large institutional investors and directors and senior executives of companies with securities traded in public securities markets, they can also serve as a foundation for continuous discussions between sustainable entrepreneurs and their key early-stage investors, some of which may actually have a representative on the board and others will allow the founders to serve as the only directors but will want to be able to monitor their activities with respect to HCM in the boardroom and on the office floor.  HCM oversight is particularly important when the success or failure of a startup often turns on the “talent” that can be brought to bear on solving a particular problem and developing and launching the solution, be it a product, service or combination of both.  Outside oversight of HCM practices is challenging for startups given that lines of authority are blurred and the founders are often so focused on completing a mission critical project that they are unable to step back and consider their actions in the context of creating the appropriate workplace culture and modeling acceptable behaviors.

One of the worthiest calls for sustainable entrepreneurs is launching and building an organization in which all participants feel a “sense of purpose”, which was the central theme of the BlackRock Chairman’s 2018 CEO letter referred to above.  To achieve this goal, sustainable entrepreneurs must act purposefully with an eye on improving the skills and overall wellbeing of their employees.  A purposeful organization does not come about on its own; it must be nurtured by its leaders.  As such, sustainable entrepreneurs should be prepared to consider the following questions, and take the following actions, when engaging with their investors:

  • Has the sustainable entrepreneur taken the lead in creating a healthy organizational culture in which all employees feel protected from unwanted behaviors of others, particularly those persons who exercise supervisory responsibilities over them? All employees need to feel free to express their opinions and the workplace should be free of harassment and discrimination and compliant with applicable health and safety standards.
  • Has the sustainable entrepreneur proactively launched programs and activities to engage with employees and build loyalty and commitment throughout the workforce? Even the smallest companies can implement wellness programs, provide training and development opportunities and allow employees to assume an ownership stake in the business through stock/profit participation programs.
  • Has the sustainable entrepreneur integrated HCM issues into the company’s risk management processes? Talent is a scarce resource, particularly during the startup stage, and careful consideration has to be given to the consequences of being unable to recruit and retain the right people and the potential costs associated with mistakes in the hiring process.  The sustainable entrepreneur needs to be able to explain the reasons for voluntary and involuntary turnover with the pool of initial employees and take steps to remediate any problems that may be adversely impacting team building.
  • Has the sustainable entrepreneur explicitly integrated diversity goals into the company’s plans for future recruitment of employees, executives, advisors and directors? Diversity is one of the fundamental tenets of sustainability and effective HCM and goals should be set from the outset and progress continuously checked.  If goals are not being attained, an assessment should be made to identify the reasons and make appropriate changes in recruiting strategies.
  • Have HCM issues been included as explicit criteria for compensation of the sustainable entrepreneur and each of the senior executives and key managers of the company? While traditional financial goals and objectives should remain part of the assessment process, each organizational leader should expect that a significant portion of his or her contingent compensation will be based on success against mutually agreed HCM metrics that are within his or her control.
  • Has the sustainable entrepreneur established career paths for each of the employees in anticipation of future growth of the company including objective criteria for promotions and upward adjustments in compensation and is the sustainable entrepreneur committed to “equal pay for equal work” and equal opportunities for advancement?
  • Has the sustainable entrepreneur established procedures for employees to safely convey their complaints about the workplace to organizational leaders? As noted above, employees should feel free to propose ideas for improving the workplace; however, there should also be ways for employees to report, without fear of retribution or retaliation, activities that appear to be illegal, unethical or otherwise not in line with company culture and expectations and those reports need to be taken seriously.
  • Has the sustainable entrepreneur taken steps to ensure effective oversight of contingent workers and contractors? Many companies, particularly startups, rely heavily on non-employees, such as interns, contractors and outside consultants, and organizational leaders need to monitor the activities of these workers to ensure that they do not disrupt organizational culture and that the expected contributions to the business are being made.
  • Is the sustainable entrepreneur prepared to allow major investors to visit the company’s facilities to assess for themselves the organizational culture and the manner in which day-to-day operations of the company are conducted? If the major investor is a director of the company, board meetings should always be onsite and should include tours of the work spaces and interviews and meetings with managers and employees from different parts of the organization.

If the major investor is a director, each of the questions above should be covered at each board meeting and during briefer meetings or calls at regular intervals between meetings.  For their part, investors electing to serve on the board need to realize they are accepting important and substantial additional oversight responsibility with respect to HCM and should be prepared to invest the appropriate amount of time in fulfilling those duties.  Non-director investors should not be “passive” and leave HCM to the board and the sustainable entrepreneurs.  Instead they should insist on regular meetings with board members and the executive team to go over the above questions and assess whether or not the investors’ choice for director is acting as a proper steward of the company’s human capital.

Sources: BlackRock, “BlackRock Investment Stewardship’s approach to engagement on human capital management” and the BlackRock Chairman’s 2018 annual letter to CEOs.


Cross-Border Comparison of Directors' Fiduciary Duties

Directors around the world are expected to carry out their duties in accordance with applicable local standards of care and fiduciary responsibility; however, the specifics are not uniform and each jurisdiction has its own set of laws, norms and customs.  With respect to directors of companies in the United States, the Corporate Director’s Guidebook (Fifth Edition) succinctly describes the baseline standard for director conduct as requiring that directors discharge their duties in good faith and in a manner that they reasonably believe to be in the best interests of the corporation.  Directors owe a duty of care and a duty of loyalty to the corporation in discharging their obligations. As such, it is important that a prospective director consider whether or not he or she has the requisite experience to understand and participate in the deliberations of the board, as well as the time that is required in order for him or her to properly monitor and review the activities of the corporation. In addition, a prospective director who may become involved in business dealings with the corporation which may give rise to a conflict of interest must be prepared to fully disclose the nature of his or her interest and submit the transaction to a vote of the board of directors or, in some cases, the shareholders of the corporation.

While the duty of care and the duty of loyalty are the most well-known and widely discussed and analyzed legal obligations of US directors, the Corporate Director’s Guidebook (Fifth Edition) lists the following additional obligations that should be carefully understood by directors:

  • Directors have a “duty of disclosure” which includes an obligation to take reasonable steps to ensure that shareholders are furnished with all relevant material information known to the directors when they present shareholders with a voting or investment decision. In addition, in the course of deliberation regarding decisions relating to the corporation, directors have a duty to communicate relevant information to their fellow directors and management.
  • Directors have a “duty of confidentiality” that requires that they refrain from public disclosure of all matters involving the corporation. The board should establish, and individual directors should abide by the terms of, confidentiality, insider trading and disclosure policies.
  • Directors have a duty to establish and monitor programs for identifying financial, industry and other business risks and for managing such risks to protect the assets and reputation of the corporation.
  • Directors have a duty to establish and monitor programs for ensuring that the corporation and its managers and employees comply with all legal requirements in the various jurisdictions in which the corporation is conducting business activities.
  • Directors of public companies have a duty to establish and follow appropriate procedures for ensuring that the corporation’s disclosure documents (e.g., annual reports, quarterly reports, current reports, proxy statements, prospectuses, and earnings releases) fairly present material information about the corporation and its business, financial condition, results, and prospects.
  • Directors have a duty to ensure that the activities of the corporation comply with relevant laws and regulations pertaining to employee safety, health and environmental protection and product safety. While this duty overlaps with the duties mentioned above relating to compliance programs, the areas of concern are particularly important because of their potential impact on the health and morale of employees and general business reputation of the company.
  • Directors have a duty to monitor the activities of officers and employees of the corporation with respect to participation in governmental processes, particularly efforts to influence legislative activities and/or the content and tone of regulations and activities designed to either encourage or prevent governmental action. Lobbying activities, including political contributions, can directly impact the reputation of the corporation and when carried out must be done in a manner that complies with applicable laws and regulations.
  • Directors have a duty to anticipate the unexpected and develop crisis management programs that can be quickly implemented upon the occurrence of a crisis event with respect to the corporation and its operations such as a natural disaster, terrorist activities, civil unrest or a significant adverse corporate development (e.g., a massive product recall or an infringement lawsuit by a third party threatening the validity of the corporation’s key patent rights).
  • Directors have a duty to act fairly and with the utmost integrity in overseeing deliberations regarding significant corporate events such as change-in-control transactions (e.g., proposed sale of the corporation) and election contests.
  • Directors have special duties of care during times when the corporation is experiencing financial distress and must be mindful of their expanded obligations beyond shareholders to include creditors and to do their best to ensure that the corporation is able to fulfill its legal obligations to all interested stakeholders.

Many of the duties described above are based on the federal securities laws and are particularly applicable to directors of public companies.

Outside of the US, the path for the development of the concept of directors having fiduciary duties has varied from jurisdiction to jurisdiction and the concept is still quite new in many countries.  The rationale for fiduciary duties is best understood from the experience in the US and the United Kingdom, both common law countries, where corporations arose as a means for separating ownership and management and it became clear that some legal framework was needed for the shareholders, as the owners of the corporation, to enforce standards of conduct upon the managers of the corporation.  The answer was to view the directors and officers of the corporation as trustees and as trustees these persons had a common law duty to act in the best interests of the shareholders, who were the beneficiaries of the corporation.  Eventually civil law jurisdictions, such as Germany, integrated concepts similar to fiduciary duty into their statutes and courts in those countries have developed those concepts through case law.  Emerging markets such as China often began by focusing on director conduct (e.g., having “high morals”, avoiding corruption and being “hardworking”) but eventually moved toward standards that emphasized protecting the lawful rights and interests of the corporation, its shareholders and others.

Today most countries around the world, regardless of their stage of economic development or their bias toward common or civil law, have laid out basic principles of fiduciary-type duties for directors and suggested skills, practices and processes that are likely necessary in order for directors to effectively discharge their duties.  However, each jurisdiction is different and all of the following questions should be considered before selecting a foreign corporate entity for use as a subsidiary or the home for an international joint venture with a local partner:

  • What is the legal role of the board (or boards) of directors? Does the board collectively have responsibilities that are distinct from those of the directors individually?
  • Can the directors and/or the board (or boards) delegate any of their duties and if so, which ones and to whom, and are there any conditions attached to this delegation in terms of retaining overall responsibility for the action (or inaction) by the delegate?
  • What are the legal standards governing the conduct of directors in the performance of their fiduciary duties and do those standards incorporate a care/prudence element or equivalent (civil law) concepts?
  • Do these standards include good faith, ‘honesty of purpose’ elements and/or strictures against self-dealing or self-enrichment at a cost to the corporation and/or prohibitions on utilizing corporate opportunities for directors?
  • Is there jurisprudence that avoids “second-guessing” director conduct with the benefit of hindsight designed to limit judicial (or regulatory) intervention that might chill legitimate business activity (e.g. the business judgment rule)? In other words, are decisions of the directors protected, provided that they have exercised their fiduciary duty and duty of care?
  • Are there any initiatives to codify (and/or simplify) the duties of a director? Is there any jurisprudence on how the courts have interpreted these codes or statutory provisions and, if so, have these led to contemporary governance best practice ideas being imported into court decisions?
  • Who can bring an enforcement action for a breach of duties by a director? Does the law entertain the concept of a derivative suit (an action brought by shareholders on behalf of the company) or is some form of private action available?
  • Can directors be held liable personally for a breach of their duties and, if so, can the company indemnify them and may the company, in turn, obtain insurance and are there limits imposed by statute or otherwise on the indemnity or insurance coverage (e.g. in cases of misrepresentation or fraud)?

The questions above are based on H. Gregory, C. Hansell and L. Hazell, “Comparative Analysis of Fiduciary Duty Papers”, International Developments Subcommittee of the Corporate Governance Committee of the American Bar Association Section of Business Law (2007), and a fuller discussion of cross-border comparison of directors’ fiduciary duties can be found in the article at § 33:252 of Business Transactions Solution on WESTLAW.

Federal Warranty Law

Products are generally marketed with, and supported by, various affirmative assertions from the seller with respect to certain characteristics of quality, safety, performance, and durability. These assertions, usually referred to as “warranties,” may be provided in written or oral form, although they are most commonly found in advertisements, brochures, and specification sheets. In fact, a warranty may also be derived from representations of the product in models and pictures.  Regardless of their form, warranties or guarantees are important promises by manufacturers or sellers to stand behind the products that they offer to consumers.

Whenever a transaction involving the sale of goods occurs, the parties must be mindful of various types of warranties codified in the general law of sales appearing in the Uniform Commercial Code (“UCC”), including the implied warranty of merchantability; the implied warranty of fitness for particular purpose; and any express warranties provided by the seller in connection with the sale of the specific goods or equipment, typically through affirmative written and oral statements regarding the quality of the items. While implied warranties, subject to applicable regulations, will often be modified or excluded, express warranties generally will be included to some extent in each transaction, primarily as a means of inducing customers to purchase the goods or equipment. As such, care must be taken in drafting such warranties and in designing appropriate remedies and rights for any breach thereof. For a complete discussion of warranties under the UCC, see Sale of Goods (§§ 120:1 et seq.).

When writing a commercial or consumer product warranty the manufacturer or seller is faced with a complex set of decisions in determining what type, if any, written warranty to offer. Principally, these decisions will involve determining what combination of implied and express warranties to offer; determining whether to offer a full or limited warranty or multiple warranties on various parts of the product; and determining which disclaimers or limitations to include in the warranty. These issues arise in any sale of goods transaction; however, the focus of this chapter is on consumer product warranties.

Warranty provisions for a consumer sales transaction should be carefully drafted and the provisions should take into account not only the applicable legal requirements but also the business elements associated with providing warranty services to consumer customers. The essential elements of any warranty include each of the following:

  • Identification of the parties to the warranty agreement. This should include the name and address of the party offering the warranty and a description of the parties who may be entitled to the benefits of the warranty. The party providing the warranty should address the availability of the warranty to persons other than the original consumer purchaser or lessee and any conditions that need to be satisfied in order for the warranty rights to be transferred to any third parties.
  • Clear identification and description of the goods and related parts that will be covered by the warranty and, if appropriate, clear highlighting of any characteristics or components that are excluded from warranty coverage.
  • A clear and complete description of the warranties provided with respect to the covered goods and parts (e.g., the goods shall perform in accordance with the specifications etc.). In addition, the warranty statement should also include a clear and complete description of any actions or conditions that may invalidate the warranty, such as the failure of the consumer to use the goods in a certain manner or defects caused by any unauthorized service or repair of the goods.
  • A description of the remedies offered in the event that a covered good or part is found to be defective, malfunctions or otherwise fails to perform in accordance with the written warranty. In most cases, the warrantor will agree to replace or repair the covered items within a specified period of time; however, in limited circumstances, the warrantor may be willing to provide a refund of the purchase price.
  • Disclosure of the procedures that should be followed by the consumer to exercise its warranty rights, including identification of parties authorized to perform warranty services on behalf of the warrantor. The procedures should address the manner in which the covered goods are returned for warranty service, the amount of time that the warrantor will have to complete the warranty service and the procedures for returning the new or repaired items to the consumer purchaser. If the consumer purchaser is required to bear any expenses, these should be clearly stated in the contract.
  • Disclosure of the duration of the warranty and a clear description of the procedure for determining when the warranty period begins and ends. If any registration of the covered items is required, a statement to this effect should be conspicuously included along with clear procedures for completing the registration.
  • A description of dispute resolution procedures that can be used to resolve any questions regarding the performance of the covered goods and the warrantor’s fulfillment of its obligations with respect to providing warranty coverage.

Warranty provisions in consumer sales and lease agreements typically include additional language to address various legal requirements and risk-allocation issues. For example, the warranty should include any language mandated by applicable state law, such as a statement to the effect that certain states do not permit limitations on the duration of any implied warranties or the exclusion or limitation of certain types of remedies. In turn, state laws notwithstanding, the warrantor will almost always seek to exclude or limit incidental and consequential damages and cap the warrantor’s overall liability with respect to warranty claims at the amount actually paid by the consumer purchaser for the covered items.

In response to the widespread misuse by merchants of express warranties and disclaimers, Congress enacted the Magnuson-Moss Warranty Federal Trade Commission Improvement Act of 1975. [15 U.S.C.A. §§ 2301 et seq.; referred to as “the Magnuson-Moss Warranty Act” or “the Federal Act”] The Federal Act is based on the premise that suppliers of consumer goods vigorously use written express warranties as advertising and merchandising devices. If these warranties are to be used, they must meet federal standards in terms of disclosure and remedies provided to an aggrieved consumer.

The Magnuson-Moss Warranty Act regulates service contracts and written warranties on “consumer products” that are distributed in interstate commerce and mandates certain guidelines in connection with written warranties, regulates their disclosure to consumers, restricts conditions on warranties, imposes different requirements for “full” or “limited” warranties, and restricts the ability to disclaim or modify implied warranties.  The Federal Act does not require the tendering of a warranty on any product. However, if a written warranty is actually given to the consumer, the warranty and the services connected with it must meet certain specifications as implemented by the rules of the Federal Trade Commission (“FTC”). [16 C.F.R. Pt. 700 to 703]

The rules governing the contents of warranties [15 U.S.C.A. § 2303] apply only to warranties pertaining to consumer products costing the consumer more than $5; however, FTC rules regarding disclosure of written warranty terms [16 C.F.R. §§ 701.1 et seq.] and presale availability of warranty terms [16 C.F.R. §§ 702.1 et seq.] apply only to warranties pertaining to products costing the consumer more than $15. [16 C.F.R. §§ 701.2, 702.3]  Certain of the provisions dealing with designation of written warranties [15 U.S.C.A. § 2303] apply only to warranties pertaining to products costing the consumer more than $10. [15 U.S.C.A. § 2303(d)]

Consumers are given a federal cause of action for damages resulting from violation of the Federal Act or of a warranty or service contract regulated by the Federal Act, on which they may sue in an appropriate state or federal court. [15 U.S.C.A. § 2310(d)]  Given the legal requirements associated with warranties and the importance from a marketing perspective of issuing and servicing warranties in a lawful manner it is recommended that managers and other personnel responsible for warranties and service contracts offered by their companies familiarize themselves with the information and guidelines in the FTC publication called “A Businessperson’s Guide to Federal Warranty Law”.

When a company offers a product for sale, it should have a standard operating policy which describes the procedures for standing behind its products following their sale. The policy should be reviewed periodically for consistency with all product warranties and applicable law. When formulating a warranty policy, significant attention should be given to the business needs of the client, not just the requirements of the law. A warranty policy serves as a sales tool as well as a means to consciously allocate risk between a seller and a buyer for defective products. A poorly drafted warranty can reduce the sales potential for the company client as well as unnecessarily increase the risk of loss. With appropriate care in the warranty review, the attorney for the company can provide a very valuable service.  For further discussion on warranty law issues and practice tools, see Consumer Warranties (§§ 140:1 et seq.) in Business Transactions Solution on WESTLAW, which includes an executive summary for clients regarding federal warranty law (§ 140:61).

Developing a Privacy and Data Security Compliance Program

 

Developing a privacy and data security compliance program requires a substantial investment of professional and managerial time and financial resources to acquire, install and operate the necessary technological systems that serve as the foundation for collecting, using, transferring and discarding nonpublic personal information. It is common to refer to privacy and data security as a top-level corporate governance issue that involves the board of directors and senior management, and as companies grow they are likely to recruit and appoint experienced professionals to serve as chief privacy officers with their own dedicated personnel and budget to oversee the elements of the compliance program. While there is no single template for the privacy and data security compliance program, it is important to address the following:

  • Defining and identifying nonpublic personal information handled by the company and documenting how the information flows into, within and outside the organizational structure of the company;
  • Establishing managerial responsibility and control over the compliance program and allocating sufficient cash and other resources to the program;
  • Establishing and enforcing all necessary policies and procedures with regard to privacy and data security;
  • Establishing focused programs to deal with specific privacy-related risks such as online collection of information and collection and use of information during the course of customer relationships;
  • Establishing programs for educating all company employees and business partners about privacy- and data security-related requirements, including continuing education of new developments and threats for executives and managers directly responsible for the compliance program;
  • Understanding and monitoring all applicable privacy- and security-related laws and regulations including emerging trends that may change the regulatory landscape in the foreseeable future;
  • Establishing and administering procedures for oversight of vendors with access to nonpublic personal information for which the company is ultimately responsible;
  • Establishing procedures for data retention and destruction;
  • Establishing and administering privacy incident response and breach notification procedures;
  • Establishing and enforcing disciplinary policies with respect to failure of employees and business partners to comply with the privacy- and data security-related policies and procedures of the company;
  • Communicating the company’s privacy- and data security-related practices to relevant stakeholders including employees, customers, business partners, financial markets and regulators; and
  • Providing regular reports on the efficacy of the program to the board of directors and members of the senior management group.

Responsibility for administering the privacy program should be vested in a single person, generally referred to as the chief privacy officer, who will be given authority to establish privacy policies and procedures and oversee personnel in each department of the company who will be responsible for privacy-related issues in their functional area. The importance of having an executive-level position responsible for managing the risks and business impacts of privacy laws and policies is reinforced by the fact that most of the Fortune 100 companies now have a chief privacy officer or an equivalent position. The chief privacy officer, with the support of the chief executive officer and other members of the senior management group, should be prepared to implement privacy policies and practices for the entire company and coordinate the compliance activities of disparate departments such as marketing, communications, customer service, information technology, human resources and legal. The privacy officer and his/her staff should begin by making an assessment of the nonpublic personal information that the company collects and how it is used and otherwise handled by the company. Once policies and procedures are in place the privacy officer should conduct privacy impact assessments and audits of the handling of nonpublic personal information and should create training and educational programs for employees and company agents. Various resources are available for developing a privacy program including the materials that are readily available from privacy seal organizations and from privacy advocacy groups.

Achieving adequate data security and privacy protections for customers, employees and other parties requires a strategy and, like any other strategy, it is important to identify relevant metrics that can be used to assess performance.  Unfortunately, there is no single strategy that will be entirely successful in each instance and even companies that have thoughtfully developed and implemented data protection regimes can suffer security breaches.  When creating a data protection program companies should be mindful of the stories they might need to tell if and when problems occur and this means being able to demonstrate that the program was based on recognized industry standards and applicable regulatory guidelines.  In addition, companies should have a record of their consultation processes that includes the names and backgrounds of the technical and legal specialists that were involved.  Companies should also be able to explain how their data security framework works and when and how decisions were made among various alternative solutions.  For example, companies typically have a limited budget for their data security programs and the record should describe how and why dollars were invested in addressing particular risks.  While all this information cannot eliminate potential liability for security breaches it can help mitigate potential penalties and punitive damage awards.

Chapter 230 of Business Transactions Solution (§§230:1 et seq.) on WESTLAW covers the development and administration of policies and procedures to comply with laws, regulations and industry standards relating to privacy, data security and overall collection and use of nonpublic personal information. The materials include a large library of illustrative policies and related practice tools such as checklists for developing a privacy and data security compliance program (BTS §230:130), negotiating information security issues in outsourcing contracts (BTS §230:131) and privacy and data security issues in acquisition transactions (BTS §230:132).  The chapter also includes valuable communications vehicles for clients including client executive summaries regarding privacy and data security laws (BTS §230:133), security requirements for nonpublic personal information (BTS §230:134) and implementation and management of privacy programs (BTS §230:135).

 

Federal Trade Secrets Law Requires Changes to Employment Agreements

 

The federal Defend Trade Secrets Act of 2016 (“DTSA”), which came into effect on May 11, 2016 as Public Law No. 114-153, amended the federal criminal code to create a private civil cause of action for trade secret misappropriation.  Specifically, a trade secret owner may file a civil action in a U.S. district court seeking relief for trade secret misappropriation related to a product or service in interstate or foreign commerce (18 U.S.C.A. § 1836(b)(1)). The DTSA established remedies including injunctive relief, compensatory damages, and attorney’s fees, and set a three-year statute of limitation from the date of discovery of the misappropriation (18 U.S.C.A. § 1836(b)(3)).  The DTSA does not preempt state law, which means that trade secret owners may continue to pursue remedies in state courts while taking advantage of the provisions in the DTSA.

Under the DTSA (18 U.S.C.A. § 1836(b)(2)), a trade secret owner may apply for and a court may grant, in extraordinary circumstances, an ex parte seizure order (i.e., seizure without prior notice to the person against whom seizure is ordered, such as an employee whom an employer suspects may be prepared to leave the U.S. with the employer’s valuable trade secrets) to prevent dissemination of a trade secret if the court makes specific findings, including that: (1) a temporary restraining order or another form of equitable relief is inadequate, (2) an immediate and irreparable injury will occur if seizure is not ordered, and (3) the person against whom seizure would be ordered has actual possession of the trade secret and any property to be seized.  A court must take custody of and secure seized materials and hold a seizure hearing within seven days. An interested party may file a motion to encrypt seized material.  It should be noted, however, that the DTSA allows individuals or companies who believe they have been subjected to wrongful or excessive seizure to pursue a cause of action for damages including lost profits, costs of materials, loss of goodwill and punitive damages if the seizure was sought in bad faith.

The DTSA amended certain definitions in 18 U.S.C.A. § 1839 and added the following definitions of “misappropriation” and “improper means”:

“(5) the term ‘misappropriation’ means—

“(A) acquisition of a trade secret of another by a person who knows or has reason to know that the trade secret was acquired by improper means; or

“(B) disclosure or use of a trade secret of another without express or implied consent by a person who—

“(i) used improper means to acquire knowledge of the trade secret;

“(ii) at the time of disclosure or use, knew or had reason to know that the knowledge of the trade secret was—

“(I) derived from or through a person who had used improper means to acquire the trade secret;

“(II) acquired under circumstances giving rise to a duty to maintain the secrecy of the trade secret or limit the use of the trade secret; or

“(III) derived from or through a person who owed a duty to the person seeking relief to maintain the secrecy of the trade secret or limit the use of the trade secret; or

“(iii) before a material change of the position of the person, knew or had reason to know that—

“(I) the trade secret was a trade secret; and

“(II) knowledge of the trade secret had been acquired by accident or mistake;

“(6) the term ‘improper means’—

“(A) includes theft, bribery, misrepresentation, breach or inducement of a breach of a duty to maintain secrecy, or espionage through electronic or other means; and

“(B) does not include reverse engineering, independent derivation, or any other lawful means of acquisition”

The DTSA provides immunity from civil and criminal liability for an individual who discloses a trade secret: (1) to a government official or attorney in confidence to report or investigate a violation of law, or (2) in a legal complaint or filing under seal.  See 18 U.S.C.A. § 1833(b).  It is important for employers to be aware that they are required to provide notice of the DTSA immunity in any contract or agreement with an employee that governs the use of a trade secret or other confidential information, which notice requirement may be satisfied by providing a cross-reference to a policy document provided to the employee that sets forth the employer’s reporting policy for a suspected violation of law.  Failure to comply with the notice requirement will prevent employers from being awarded certain exemplary damages or attorney fees under 18 U.S.C.A. § 1836(b)(3).  The notice requirements apply to contracts and agreements entered into or updated after the effective date of the DTSA (May 11, 2016).  It is recommended that notice language track the statute, such as the following:

“Notwithstanding the foregoing nondisclosure obligations, 18 USC § 1833(b)(1) added by the U.S. Defend Trade Secrets Act of 2016 (“DTSA”) provides that an individual shall not be held criminally or civilly liable under any federal or state trade secret law for the disclosure of a trade secret that is made: (1) in confidence to a federal, state, or local government official, either directly or indirectly, or to an attorney, and solely for the purpose of reporting or investigating a suspected violation of law; or (2) in a complaint or other document filed in a lawsuit or other proceeding, if such filing is made under seal.  In addition, the DTSA provides that an individual who files a lawsuit for retaliation by an employer for reporting a suspected violation of law may disclose the trade secret to the attorney of the individual and use the trade secret information in the court proceeding, if the individual (1) files any document containing the trade secret under seal; and (2) does not disclose the trade secret, except pursuant to court order.”

For examples of how the notice should be placed into a full agreement, see the chapter on Employee Confidentiality and Innovations Assignment Agreements (§§167:1 et seq.) in Business Transactions Solution on Westlaw.