Since OSHA’s revised fatality and severe injury reporting rule went into effect on January 1, 2015 (see related story), employers have been deeply concerned that the agency would use information contained in Rapid Response Investigation Reports (RRIs) — required by OSHA in response to approximately 50% of the reports made this year — as the basis for issuing citations and fines. This concern stems from the fact that when OSHA finds an employer’s RRI unsatisfactory, such as where the employer merely blames the victim or fails to provide what the agency determines is an adequate plan to address identified hazards, OSHA may determine that an inspection is in order.
Monthly Archives: December 2015
OSHA Assures Employers That Rapid Response Investigation Reports Will Not Be Used in Issuing Citations
Canada’s anti-spam law (“CASL”) outlines violations, enforcement mechanisms, and penalties aimed at protecting online consumers against spam, electronic threats, and misuse of digital technology. CASL’s anti-spam rules came into effect on July 1, 2014. CASL’s software update and installation rules came into effect on January 15, 2015. The latter rules are often referred to as malware/spyware computer program rules. Under these rules, CASL applies, in addition to applying in other circumstances, when a person, in the course of a commercial activity, installs or causes to be installed a computer program on any other person’s computer system, unless the person has obtained the express consent of the owner or an authorized user of the computer system as required by CASL.
The Canadian Radio-television and Telecommunications Commission (the “CRTC”) has the primary enforcement responsibility under CASL. Under CASL, the CRTC has various enforcement mechanisms, including obtaining a warrant with respect to a CASL violation. On December 3, 2015, the CRTC announced that it served its first-ever warrant under CASL to take down a command-and-control server located in Toronto, Ontario, which is a centralized computer that issues commands to a botnet and receives reports back from the co-opted computers. A botnet is a set of computers that have been compromised through the installation of malware and which can be instructed to send spam, install additional malicious programs and steal passwords, among other illicit activity.
The malware in this case was Win32/Dorkbot malware, which has infected more than one million personal computers worldwide by spreading through social networks, instant messaging programs, and USB flash drives. Once a computer becomes compromised, it can be instructed to: steal passwords used for online banking and payments; download and install dangerous malware; and join other infected computers in sending multiple requests to a specific server in the hopes of overwhelming its capacity to respond (known as distributed denial of service attack).
According to the CRTC, agencies from around the world, including the Federal Bureau of Investigation, Europol, Interpol, Microsoft Inc., the Royal Canadian Mounted Police (the “RCMP”), Public Safety Canada, and the Canadian Cyber Incident Response Centre, are working together in the investigation of Dorkbot. The warrant in Canada was granted by a judge of the Ontario Court of Justice and was carried out with assistance from the RCMP. No further details were provided by the CRTC regarding the details of the warrant or the execution process.
The ability of the CRTC under CASL to obtain a warrant is quite broad. The CRTC may obtain a warrant authorizing entry to a place, including a dwelling-house, if the justice of the peace is satisfied that entry to the place is necessary to verify compliance with CASL, determine whether CASL has been contravened, or assist an investigation or proceeding in respect of a contravention of foreign state laws that address conduct that is substantially similar to conduct prohibited by CASL. Subject to any conditions specified in the warrant, the person executing the warrant may do the following: examine anything that is found in the place; use any means of communication found in the place or cause it to be used; use or cause to be used any computer system found in the place to examine data contained in, or available to, the system; prepare or cause to be prepared a document based on the data; use or cause to be used any copying equipment to make copies of documents; remove anything found in the place for examination or copying; and prohibit or limit access to all or part of the place.
Businesses should be aware that the CRTC has indicated that it will continue to collaborate with its domestic and international partners to aggressively pursue investigations of alleged violations under CASL to protect Canadians from online threats. Although the first warrant under CASL was issued in relation to the installation of malware on computer systems, the software update and installation rules are broad in that they apply to the installation of unwanted software that is not malware or spyware. In order to comply with these rules and to avoid investigation by the CRTC, businesses should seek consent, as required by CASL, prior to installing computer programs on another person’s computer system.
In a split decision, the Ninth Circuit Court of Appeals has declined to adopt a bright-line rule to assess whether a managerial employee has filed a complaint for the purposes of § 215(a)(3) of the Fair Labor Standards Act (“FLSA”), the statute’s anti-retaliation provision. The decision, Rosenfield v. GlobalTranz Enterprises, appears to highlight a disagreement among the Circuits.
At least four Circuit Courts – the First, Fifth, Sixth and Tenth – have adopted a manager-specific legal standard: in order to engage in protected activity under § 215(a)(3), the employee must step outside his or her role of representing the company and either file (or threaten to file) an action adverse to the employer, actively assist other employees in asserting FLSA rights, or otherwise engage in activities that reasonably could be perceived as directed towards the assertion of rights protected by the FLSA. Declining to adopt such a standard, the Ninth Circuit has opted to follow a generalized “fair notice” standard, ruling that a complaining employee’s position as a manager is only one contextual element for a fact-finder to consider.
Statutory interest (art. 317.1 of the Civil code) shall be accounted as income/expenses of a taxpayer
By the Letter dated 09 December 2015 No 03-03-Р3/67486 the Ministry of finance of the Russian Federation clarifies accounting of interest on monetary obligations for profits tax purpose (hereinafter – the “Clarifications”).
Clarifications state that provided that under art. 317.1. of the Civil Code of the Russian Federation1 right of claiming statutory interest from debtor arises automatically, such interest is also charged automatically. Therefore such interest shall be recognized as non-operating income of the creditor and correspondingly as expense of the debtor at determining the profit tax base.
As 2015 winds down, I think it is safe to say that it has been a whirlwind year in telehealth. According to the National Conference of State Legislatures (NCSL), over 200 telehealth-related bills were introduced in 42 states. The Federation of State Medical Boards (FSMB) has launched an interstate physician licensure compact that creates a new pathway to expedite physician licensure in multiple states. Twelve states (with Wisconsin being the latest) have so far enacted the licensure compact. Many states such as Colorado, Iowa, and Louisiana released regulations or policies that in my view took a more progressive approach to telehealth regulation.
It’s that time of year again, the time of year when every post is a round-up, or a look at trends for 2016. We’re saying goodbye to the old, and ringing in the new, as the close of a calendar year has taught us to do.
Like everyone else, I’ve been thinking about what 2016 will have in store. While I won’t be doing any typical “top ten” posts this year, I am using today’s Two for Tuesdays to look at two goals I have for content marketing (my own and the ILN’s) in 2016. I’ve been thinking about these for a while, and fortunately, industry trends seem to be bearing them out. We’ll get to what they are in a moment, but first, I’d like you to think about what your content marketing goals are for 2016 – I read a great quote in an Inc. article this morning that reminded me that we all have to up our game:
As we look towards the New Year, employers with locations in various jurisdictions should be mindful of state and local minimum wage increases that will soon take effect.
Some of these increases are a result of laws that tie wages to an economic index (generally the Consumer Price Index). Others are the result of recent legislation.
Below are two charts addressing these changes. The first summarizes the relevant changes for states; the second, for cities and other localities.
Please note that Arizona, Florida, Missouri, Montana, New Jersey, Ohio, Oregon, and Washington all have CPI based wage laws, and all have determined that there will be no minimum wage increase in 2016.
December 22, 2015 — Collective agreements frequently contain clauses providing that tasks normally performed by workers in the bargaining unit cannot be performed by employees who are not members of the unit. Drafting these clauses requires special care.
Digital Media, Technology & Privacy Alert >> Wyndham Settles FTC’s Data Breach Case After Ruling Reinforced FTC’s Authority
After a long and rare court battle, the Wyndham Worldwide Corporation has agreed to settle a lawsuit brought by the Federal Trade Commission (FTC) that contended that the company’s security practices had unfairly exposed the payment card information of hundreds of thousands of consumers to hackers in three separate data breaches. The settlement contains some unique requirements that differ from past FTC consent orders.
As we have previously discussed earlier this year, in the D&G alert, (click hereto view) on three occasions in 2008 and 2009, hackers successfully accessed Wyndham Worldwide Corporation’s computer systems. In total, the hackers allegedly stole the personal and financial information of hundreds of thousands of consumers, leading to over $10.6 million in fraudulent charges. Although the vast majority of targets of FTC data security enforcement actions choose to settle, Wyndham decided to challenge the FTC’s authority to pursue the matter.