Main Menu
Posts from March 2015.

Nancy Cooper, member of our Labor and Employment Group and Hospitality, Travel and Tourism practice team, discusses the NLRB's March 2015 report and the importance of reviewing and updating your employee handbook. Thank you for today’s post, Nancy! – Greg

The National Labor Relations BEmployee Handbook and Formsoard (NLRB or the Board) oversees all things union under the National Labor Relations Act (NLRA). Congress enacted the NLRA in 1935 to protect the rights of employees and employers, to encourage collective bargaining, and to curtail certain private sector labor and management practices, which can harm the general welfare of workers, businesses and the U.S. economy. Even though the NLRB is focused on labor management practices with the unionized workplace, it also has jurisdiction over private sector employers who do not have a union. The Board just has not often exercised that authority – but that has increasingly changed that over the last ten years or so.

The NLRA gives employees the right to act together to try and improve pay and working conditions (“protected, concerted activity”), whether the employees are union or non-union.  These rights are also commonly referred to as Section 7 rights because they are outlined in Section 7 of the NLRA. The NLRB has become more active in enforcing these rights.  Generally, the Board looks to see if actions taken are of a concerted (more than one person) nature intended to address issues with respect to employees’ terms and conditions of employment. Sometimes, though the issue is not the action taken, but the rules that govern the employees’ behavior, such as those in your employee handbook.

On March 18, 2015 the General Counsel of the NLRB issued a report regarding what language in certain employer policies would be considered lawful, and what would not.  When reviewing such rules, the NLRB looks at whether or not the language would act to chill employees from exercising their right to engage in a protected, concerted activity. In other words, they looked at each policy before them to determine if the average reasonable employee would likely read the policy to mean that the employee was not allowed to talk about the terms and conditions of their employment with others, whether that be outside people or other employees. If it could be read to mean that, the policy was unlawful.

So what sorts of things could be read to restrict employees from talking to each other? Just about anything from social media policies to confidential information policies to anti-harassment rules and anywhere in between.  Above all, the context in which a phrase was used seemed to make a difference if a phrase was a close call.  So it is important, as you review your handbook, to not just focus on the words themselves but also the context in which they are used.  Additionally, it is important to remember that a simple disclaimer such as, “Nothing in this policy is meant to prevent employees from engaging (or declining to engage) in discussions about their terms and conditions of employment” may be helpful, but they are not an automatic guarantee that an otherwise unlawful policy will now be lawful.

Some examples of phrases the NLRB found to be problematic (and why) are:

Confidentiality:

  • Do not discuss customer or employee information outside of work, including phone numbers and addresses. (Overbroad reference to “employee information” and the blanket ban on discussion may lead an employee to think they could not discuss the terms and conditions of employment, including the contact information of other employees so that they could all talk.)
  • Discuss work matters only with other Company employees who have a specific business reason to know or have access to such information. Do not discuss work matters in public places. (Broad restrictions that do not clarify they are not meant to impinge on an employee’s rights under the NLRA so an employee could reasonably understand it to encompass wages, benefits and other terms and conditions of employment.)
  • Confidential Information is: “All information in which its (sic) loss, undue use or unauthorized disclosure could adversely affect the Company’s interests, image and reputation or compromise personal and private information of its members.” (Employees have a right to share information that supports their complaints about wages and terms and conditions of employment, and employees may believe they cannot disclose that kind of information because it might adversely affect the Company’s interest, image or reputation.)

Employee Conduct Toward Employer:

  •  Be respectful to the Company, other employees, customers, partners and competitors. (Overbroad and employees could reasonably construe them to ban protected criticism or protests regarding their supervisors, management or the Company in general.)
  • No defamatory, libelous, slanderous or discriminatory comments about the Company, its customers, and/or competitors, its employees or management. (Overbroad and employees could reasonably construe them to ban protected criticism or protests regarding their supervisors, management or the Company in general.)
  • It is important that employees practice caution and discretion when posting content on social media that could affect the Company’s business operation or reputation. (Overbroad because it could reasonably be read to require an employee to refrain from criticizing the employer in public.)

Employee Conduct Toward Another Employee:

  • Do not make insulting embarrassing, hurtful or abusive comments about other company employees online and avoid the use of offensive, derogatory or prejudicial comments. (Overbroad because debate about unionization and other protected concerted activity is often contentious and controversial. Employees could reasonably read such a rule to mean they are limited in their ability to be honest in discussions regarding these subjects.)

There are many more examples of problematic employer rules on various topics in the report. You are encouraged to look again at your employee handbook and employer rules.  If you have any questions, or for more information regarding this report, please feel free to contact me or Nancy. We will be glad to help bring your employer rules back within the safety zone – at least until the next General Counsel report is issued.

Victoria Slade, member of our Labor and Employment Group, brings us the latest ruling on Seattle's Minimum Wage Ordinance.  Thank you, Vicky! – Greg

monimum wage increase aheadIn a 43-page ruling issued late Tuesday, Federal Judge Richard Jones denied the International Franchise Association’s (“IFA”) bid to prevent Seattle’s Minimum Wage Ordinance’s franchise provision from going into effect as written. As a result, starting April 1, most franchisees in Seattle will be treated as “large” employers under the Ordinance, meaning they must pay the higher initial rate of $11 per hour. They also will scale up to the $15 minimum wage in just three years, much more rapidly than small businesses. While this is not the end of IFA’s case attacking the franchise provision, it is a big setback and a strong indication that IFA is unlikely to ultimately be successful.

IFA had sought a preliminary injunction, challenging the Ordinance’s definition of “large” employers as including all franchisees that are part of a chain with more than 500 employees anywhere in the nation. It argued that franchisees are more like small businesses, because individual locations are separately owned and have far fewer than 500 employees. It argued that, by lumping small franchise owners together with large businesses, Seattle was putting franchisees at a competitive disadvantage. It further alleged the City had intentionally discriminated against franchisees because of its preference for local businesses. This discrimination, if proved, would be a problem because states and cities are not allowed to enact legislation that is intended to or has the effect of favoring local businesses over out-of-state businesses. IFA’s motion, if granted, would have put a temporary hold on the franchise portion of the Ordinance and required that franchisees with fewer than 500 employees be treated as small businesses until the case was fully resolved, which could take until the end of this year. The Court heard three hours of oral argument on the motion last week.

The Court’s Order rejected each of IFA’s legal theories. In sum, the Court found:

  • The Ordinance is not discriminatory as written because it applies equally to franchisees whose corporate headquarters are in Seattle.
  • The Ordinance does not have a discriminatory purpose. The stated purpose of the minimum wage hike is to reduce income inequality and promote the general welfare, health, and prosperity of Seattle workers, and the rationale for differentiating between small and large businesses is the recognition that large businesses will have less “difficulty accommodating the increased costs.” Although IFA argued that comments by a member of the Advisory Committee to the Mayor regarding “extractive national chains” revealed an ulterior motive to harm multi-state businesses, the Court gave these comments little weight. It reasoned that this was a “politically charged” issue with impassioned debate, “fervent remarks,” and lobbying on both sides, making it improper to focus so heavily on a comment by one member of the public. It also rejected IFA’s argument regarding statements by members of the City Council, reasoning that the statements, even if they were discriminatory, were “insufficient to override the entire City Council’s formal statements of purpose in the Ordinance itself.”
  • The Ordinance does not have a discriminatory effect on franchisees. To invalidate the franchise provision under this argument, IFA had to prove the Ordinance would harm franchisees so much that the ultimate effect would be that local goods would have a larger share of the market than goods that come from out of the state. The Court found IFA had only argued potential, rather than actual, harm to franchisees and refused to “speculate or to infer discriminatory effect without substantial proof.” Although IFA had argued that franchisees would be forced to close up shop or that new franchisees would not open in Seattle, there was insufficient proof of this. Moreover, the Court noted, there was some evidence that franchisees would not be harmed because they could draw upon the “greater financial resources” of their franchisors to support them during times of business stress. Even if the court did assume there would be some negative effect on franchisees from the law, this burden would not override the local benefit from assisting low wage workers, and, in any event, the court stated, “it is not the court’s place to second guess the reasoned judgments of the lawmakers who studied and analyzed this issue as part of an involved legislative process.”
  • There was no equal protection violation because it was rational for the City to believe franchisees would be able to tolerate the increased wage better than small independent businesses. The court pointed to economic benefits from the franchise relationship, such as national advertising, valuable and well-known trademarks, reduced cost for supplies and raw materials, training, and a network of other franchisees who provide valuable business advice. The Court also pointed out various benefits that individual plaintiff franchisees had acknowledged, such as one Holiday Inn franchisee’s use of a large on-line reservation system and access to a loyalty reward system with 74 million members worldwide.
  • The Court also rejected IFA’s other arguments, including its First Amendment claim, its argument that the Ordinance was preempted by federal law on copyrights (the Lanham Act) or health plans (ERISA), and its claim under the Washington State Constitution’s Privileges and Immunities clause. For each, the reasoning was essentially that these theories, while in some cases “novel and creative,” were not well-supported under the law and were otherwise unpersuasive, given the court’s reasoning on some of the previous claims.

Overall, the Court found IFA did not prove it was likely to win on any of its arguments. Although it was “sympathetic to the concerns of franchisees,” it also found that any harm from the Ordinance taking effect was speculative and not supported by the evidence. It also balanced the harm to franchisees against the “concrete harm” to low-wage employees if they lost the expected wage increase and found the equities did not support the requested injunction. Finally, in a serious blow to IFA’s chances at ultimate success in this case, assuming it goes forward, the Court found IFA had failed to raise “serious questions” showing it had a “fair chance of success on the merits.”

Although this ruling is not the end of the case, Judge Jones’ thoughtful and comprehensive analysis of IFA’s claims is a strong indication that IFA will not ultimately be successful while the lawsuit is before Judge Jones. If you have any questions on this ruling, the IFA litigation, or Seattle’s Minimum Wage Ordinance in general, please contact me, Diana Shukis, or Victoria Slade.

VirusHow secure is the data on your office copier?  Today's post from Benjamin Lambiotte, technology and data privacy attorney in Garvey Schubert Barer's D.C. office, outlines the data security risks associated with office machines, as well as the warning signs and steps that you can take to reduce those risks.  Thank you, Ben! - Greg  

Current generation multifunction printer/scanner/copier devices are convenient, inexpensive, and very popular. Often overlooked is the fact that most modern printers, copiers, and scanners have many of the same attributes of computers, and are just as vulnerable to the same kind of cyber exploits and attacks as computers. A truly comprehensive data security and privacy risk management approach requires that these commonplace devices be viewed as an integral part of an enterprise’s IT systems, and that device-specific measures be taken to secure them. The National Institute of Standards and Technology (“NIST”) last month published a report on risk management practices for “replication devices,” The NIST report identifies risks associated with such devices, and provides guidance on protecting the confidentiality and integrity of information processed, stored, or transmitted on them.

Risks

Threats include:

  • Default administration/configuration passwords: Many devices have default passwords which can be easily obtained and used to access stored data, or to control the device.
  • Data capture: Unless encrypted, data transmitted or stored, including passwords, configuration settings, and data from stored jobs, is vulnerable to interception or modification.
  • Spam: Unless properly configured and without proper access control, many devices will process any job submitted, which could waste paper, toner, and ink, and tie up the device.
  • Alteration/corruption of data: If passwords or configurations are changed, denials of service for authorized purposes or potential damage to the device could result.
  • Outdated and/or unpatched operating systems and firmware: Many devices run an embedded operating system, making them subject to the same threats as any other computer running those operating systems. Also, older devices may have embedded versions of operating systems no longer supported by the manufacturer, which may leave “unpatched” security issues.
  • Open ports/protocols: For devices that can connect to local networks or the Internet via wireless or ports, open ports and protocols allow data to flow to and from a device. Through open ports, attackers may gain undetected access, and data tampering, unauthorized access, and denial of service can result.

Warning Signs

The Report identified several signs indicating that the security of such a device may be compromised:

  • Display malfunctions or shows incorrect information;
  • Materials (ink, paper, or other supplies) run out faster than usual;
  • Increased number of failed or timed-out jobs;
  • Unexplained/unauthorized changes in configuration settings;
  • Device completes processes slower than expected;
  • Device uses more network time/bandwidth than usual;
  • Time stamps do not align or make logical sense;
  • Communications with unknown IP or email addresses increase; and
  • Markings indicating tampering around key areas of the device (e.g., hard drive or SSD compartment, display area).

Countermeasures

An Appendix to the Report provides a very useful device risk assessment template and checklist. It gives practical guidance on best security practices, across the entire lifecycle of the device. Examples of some countermeasures include:

  • At acquisition, or in third party supply and support contracts, ensure that the device meets common data security standards, is capable of operating in a secure mode, and that the OS is actively supported by the OEM;
  • At deployment, change vendor default passwords, and configure the device to operate in a secure mode;
  • During operation, control device access through PINS and passwords, control physical access to the device itself and its components, such as the SSD or hard drive, and track usage, ensure that stored and transmitted data are encrypted, and timely implement OEM security “patches” and fixes;
  • During operation, control network access using standard organization practices, close unused open ports and protocols, disable wireless identifier broadcasting, and configure the device to prevent communications to and from unknown and unwanted addresses (blacklist/whitelist); and
  • When taking the device out of service, change all passwords and PINS to vendor defaults, and remove or sanitize all hard drives and SSDs on which data may be stored.

The NIST report is available here.

If you have any questions, or for more information on data security, please feel free to contact me or Ben, directly.

Innovation PicDon’t miss out on the Third Annual Travel & Technology Conference/TNT: Connecting Concepts with Cash, scheduled for March 17, 2015, Hilton Union Square, in San Francisco, CA. This year’s event is being produced by our friends at Hospitality Upgrade, and looks to be another great conference, including a $10,000 prize package for the winning pitch company!  In addition to pitches by some of the industry’s most exciting start-ups, this year’s event will feature presentations and discussions on big data, distribution and restaurants, among other things.  For more detailed information, please see link to Agenda.  If you are interested in attending, please see registration link here -- I look forward to seeing you at the conference! – Greg

 

We are excited to announce thBrand. Business Concept.at The State of Branded Keywords in Paid Search, Q4 2014 is now available for download from our good friends (and former contributors) at Seattle-based BrandVerity. This comprehensive report shows how third parties use popular brand terms in paid search advertising, and includes over 250 brands from 10 different categories. This report is an update of their Q3 2014 study, previously featured on our blog.

If you have any questions about the report, please feel free to contact me.

Search This Blog

Subscribe

RSS RSS Feed

Greg Duff, Editor
Greg Duff founded and chairs GSB’s national Hospitality, Travel & Tourism group. His practice largely focuses on operations-oriented matters faced by hospitality industry members, including sales and marketing, distribution and e-commerce, procurement and technology. Greg also serves as counsel and legal advisor to many of the hospitality industry’s associations and trade groups, including AH&LA, HFTP and HSMAI.

Recent Posts

Topics

Select Category:

Archives

Select Month:

Contributors

Back to Page