In the rapidly developing world of AI, federal regulators are again signaling that businesses and HR managers cannot depend on a “data made me do it” defense to employment decisions made with the help of AI systems. Expanding on guidance it released in May, the US Department of Labor (DOL) issued new guidance on October … Continue Reading
Oops. Just found an unanswered question left over from our investigations webinar and blog series earlier in the year. Apologies if it was yours. The question revolves around employer and investigator interactions with the Police where the subject matter of your workplace investigation is potentially criminal conduct, and is maybe best answered as a series … Continue Reading
The metaverse is poised to reshape the way we live and work. Employment law in real life is vexing enough, with US employers required to navigate the complex federal, state and local laws and regulations that impact the employment relationship. Now some employers and businesses are making the leap into the virtual world, where employment … Continue Reading
Each year, all private employers that are covered by Title VII of the Civil Rights Act of 1964 and that have 100 or more employees must file EEO-1 Component 1 data, which consists of demographic information – such as race, gender, and ethnicity information – of the employer’s workforce by job category with the U.S. … Continue Reading
From Labor & Employment Partner Katharine Liao and our Data Privacy & Cybersecurity colleague Kristin Bryan, below is a post from Squire Patton Boggs’ Consumer Privacy World blog covering recent legal developments involving electronic monitoring of employees in New York State. Beginning on May 7, 2022, employers in New York State who engage in electronic … Continue Reading
After postponing the opening of the 2019 EEO-1 Component 1 Data Collection on May 8, 2020 due to the COVID-19 pandemic, on April 26, 2021, the U.S. Equal Employment Opportunity Commission (“EEOC”) announced that the 2019 and 2020 EEO-1 Component 1 data collection is now open.… Continue Reading
Just flicking idly through the ICO’s new guidance the other evening, as you do when the only alternative is Ant & Dec, and two paragraphs caught my eye. In the section relating to DSARs which are “manifestly unfounded” (and can therefore be batted away by the employer) appear two examples, where:… Continue Reading
Unheralded and unannounced, recently revised GDPR guidance from the ICO removed one small source of comfort for employers facing DSARs from employees. It used to say that the 30-day time limit was paused, the clock stopped, if you asked the requester for information to clarify his DSAR and it was not provided. This was not … Continue Reading
On October 29, 2019, the U.S. District Court for the District of Columbia ordered that the EEOC must continue to take all steps necessary to complete EEO-1 Component 2 data collection for calendar years 2017 and 2018. As we recently discussed here, the EEOC filed a motion on October 8, 2019 asking the court to … Continue Reading
As we most recently reported here and here, as of September 30, 2019, employers with 100 or more employees (and federal contractors with 50 or more employees) were required to report to the federal government pay data for 2017 and 2018 for their workforce (known as “Component 2” data), broken down by race/ethnicity, sex, and job … Continue Reading
In part 1 of an upcoming series of posts on the California Consumer Privacy Act (CCPA), members of our Data Privacy & Cybersecurity and Labor & Employment practices discusses the limited moratorium on employee/worker data, the scope of the exemption under the moratorium and what employers need to do now. The full post is available … Continue Reading
Some DSARs can be wonderfully straightforward: “Can I have a copy of my personnel file?” “Absolutely, here you go” “Can I have a copy of the notes from my appeal hearing?” “Of course, all yours. Any time” However, a large number of DSARs submitted by employees are far more taxing: “Can I have all personal … Continue Reading
In the second of our five part blog series on Data Subject Access Requests (DSARs), we examine the notion of “complexity” and how that might affect the way you respond as an employer to a DSAR. What is “complex”? Under the General Data Protection Regulation (GDPR), data controllers must respond to DSARs “without undue delay … Continue Reading
Just when we thought we were getting to grips with some of the stickier issues around Data Subject Access Requests (DSARs), then along comes the EU General Data Protection Regulation (GDPR) and numerous new ambiguities over how its DSAR provisions might work in practice. We are waiting for the ICO’s guidance and update on its … Continue Reading
In many countries, individuals are identified by a unique number issued by the government. Probably the most ubiquitous example is the Social Security Number in the United States, which is generally necessary to obtain employment, open a bank account or obtain a driver’s license, and is used for credit monitoring and other private sector purposes. … Continue Reading
In response to our invitation to contact us with GDPR enquiries, one kind reader has bowled us this particular googlie: Most people in business will have accumulated large contact lists in Outlook email systems or similar, containing many names and other contact details built up over a number of years. Will the GDPR really require … Continue Reading
I first became interested in employee privacy and monitoring many many years ago. A client received a complaint from an employee who had just discovered that his brief interlude having sex with a colleague in the stockroom had been caught on the camera placed there to cut down on theft. I forget the precise gist … Continue Reading