A California state court recently permitted the defamation and libel claims of Lan Lee, a former employee of NetLogic Microsystems, to move forward against Yunchun Li, the wife of the employee’s former business partner.
Li told the FBI and the CEO of NetLogic that Lee was transferring Netlogic’s trade secrets to China (among other things). Li provided this information to NetLogic and the FBI to keep her husband (another NetLogic employee) from continuing his work with Lee on an outside business opportunity in China, and to protect her family’s financial condition. When she made the report, Li did not mention her husband’s involvement. However, the government ultimately tried Lee and Li’s husband for economic espionage and trade secret theft. Both were ultimately acquitted. As a result of the criminal investigation and trial, Lee lost his job and spent most of his financial savings on his legal defense.
Lee then filed a civil suit against Li for defamation, libel per se, interference with prospective economic advantage, intentional infliction of emotional distress, and invasion of privacy. On June 6, 2014, the Court of Appeal of the State of California Sixth Appellate District permitted the defamation and libel claims to move forward. The court found that Li’s statements to the NetLogic CEO were not protected as “in the public interest,” because Li admitted in her criminal trial testimony that she had no basis for asserting that Lee had stolen trade secrets. Li argued that her statements were her own opinion, which the court rejected because her statements contained provably false factual allegations that Lee was stealing trade secrets. Thus, arguing that such statements were merely “opinions” did not entitle Li to protection from a defamation claim.
Many companies have codes of conduct that require employees to report suspected improper use of trade secrets, as well as suspected trade secret theft. This civil lawsuit presents a conundrum for companies where the reporting employee has an ulterior motive for making the report. Here, the reporting employee did not appear to have the company’s best interests in mind when making the report. Indeed, she made the report for very personal reasons, and now she will have to defend those reasons in a civil lawsuit.
So, what impact does this have on companies looking to prevent trade secret theft? My takeaway? A company investigation of trade secret theft should be thorough – looking not only to the content of the report itself, but also the source of the report. As in any investigation, credibility of the reporter is very important and should be taken into consideration when determining a proper course of action (i.e. a pursuit of civil or criminal remedies).
Thanks to Kristen Barlow Rand for contributing to this post!
Proskauer Rose LLP recently released its third Social Media in the Workplace Around the World 3.0 survey. Drawing 110 responses from a broad range of businesses, the survey reveals interesting trends in how businesses are addressing the ever-increasing use of social media in the workplace.
In terms of social media policy implementation, while 20% of businesses still don’t have social media policies, the overall number of businesses with social media policies is on the rise. That percentage can be compared to Proskauer’s 2011 survey in which nearly 45% of businesses did not have social media policies in place.
However, as many of you already know, simply having a social media policy is only half the battle; the social media policy must also be comprehensive enough to cover multiple risks. The survey revealed that many businesses may not be drafting comprehensive policies. For example, while 80% of businesses reported that their social media policy protected against misuse of confidential information, only 17% of those with policies have provisions that protect them against ex-employees who may misuse social media. Additionally, only 64% of businesses reported that their policies address harassment via social media.
In terms of enforcement, 70% of businesses reported disciplinary action against social media misuse in the office and 36% of businesses block access to social media sides, compared to 27% in 2012. Additionally, 41% of businesses monitor the use of social media sites at work, compared to 36% in 2012 and 28% in 2011. While 43% of businesses permit employees to access social media at work, this is a decrease of 10% from the 2012 survey.
Overall, trends indicate that while businesses are taking social media use seriously, policies still have some holes that should be addressed to mitigate against certain risks, such as unlawful harassment. Additionally, while the number of businesses monitoring and even blocking social media is on the rise, businesses should be careful that any monitoring of social media does not expose them to liability under state and federal privacy or labor relations statutes.
How do the survey results compare to your company’s experiences with employee social media use? Do you see the trends changing in the near future?
Authored by Kristen Barlow Rand.
Do you worry about strangers, competitors or foreign governments looking at personal and business information on your smartphone in the event that device is lost or stolen? If so, you are not alone. To alleviate some of that concern, we always recommended that employers obtain employee consent to “remote wipe” employee smartphones containing employer information – and to obtain that consent before the employer grants access to that company data. This topic seems to be recurring pretty regularly lately. In fact, a few weeks back, I was talking about remote wipe technology at lunch with a friend from RevNet - a company which helps clients manage mobile devices. He sent me a link to an interesting CNN article, ‘Kill switch’ may be standard on U.S. phones in 2015, that discusses a voluntary program for all cellular carriers to make “kill switches” standard in all mobile devices by July 2015. So far, a number of the cellular carriers and smartphone makers have signed up. (If activated by the user, a kill switch would render a lost or stolen device inoperable and supposedly lock all data on that device.)
While the CNN article focuses on a voluntary program, a bill has also been introduced in Minnesota, Smart Phone Device ”Kill Switch” which, if passed, will mandate that any smartphone sold in Minnesota be equipped with technology designed to render the device inoperable in the event of theft or loss. This means that in order to comply with the proposed law in Minnesota, any “kill switch” function must be designed to:
(1) lock all of the smart phone’s user data, and ensure that it is only accessible to the user or a law enforcement officer subject to a valid search warrant;
(2) render the smart phone core functionality inoperable on any wireless telecommunications service provider’s network globally;
(3) prevent the smart phone from being reactivated without a passcode or other similar authorization, even if the device is reprogrammed, is turned off and subsequently turned back on, has its network connectivity disabled and subsequently re-enabled, or has its SIM card removed; and
(4) be reversible in the event of the smart phone’s recovery by its owner.
(Similar legislation in California failed to pass the Senate just days ago. )
So what does this mean for employers and individuals? Whether smartphone makers decide on their own to incorporate this technology into their operating systems, or whether state legislatures mandate the so-called kill switch, the option of flipping a kill switch may provide individuals and employers with additional options for managing the information contained on those devices. The big question will be whether individual or employers will utilize the technology. I plan to keep this discussion going with our IT folks and we will keep you posted.
In the meantime, what do you think? If faced with a lost or stolen phone – would you activate the switch? As always, we welcome your input.
On February 27, 2014, Fredrikson kicked off its new “Practical Perspectives” seminar series. As the Chair of our Trade Secrets and Non-Competes Groups, I was fortunate to moderate the panel discussion with some of our trade secret litigators, as well as representatives from the FBI and the U.S. Attorney’s Office. I have summarized the key take-aways and practical perspectives shared by the panel below.
TRADE SECRET THEFT – A SIGNIFICANT PROBLEM
The ability to innovate and protect intellectual property drives business growth, development, and investment. However, businesses face increasing threats to their valuable trade secrets and other critical business information. Recent estimates suggest that trade secret theft costs U.S. businesses billions of dollars each year. Panelists noted that the problem is exacerbated by the following common business practices and employee perceptions.
- Business data is stored everywhere, including on employees’ home computers and mobile devices. As a result, the potential for critical business information to walk out the door with an employee is high.
- Most employees think that storing proprietary business information on personal devices is an acceptable way of doing business.
- Most IT professionals acknowledge that they don’t know what data leaves their company on a daily basis.
COMPANIES SHOULD CONDUCT A DATA PROTECTION AUDIT NOW
The starting place for any successful data protection program is to determine what company information is confidential or a trade secret, who has access to that information, and where that information is stored. A civil or criminal action alleging misappropriation of proprietary information must identify with particularity the proprietary information that was taken wrongfully.
Too many companies share information broadly with employees labeling everything as “confidential.” While an open system may facilitate communication and spur creativity, it can have a disastrous effect on a company’s ability to protect their intellectual property down the road. Take the important first step of clearly identifying true trade secrets and other confidential information and be careful to restrict and keep track of who has access to that information.
BEST PRACTICES FOR DATA PROTECTION
Recent trade secret cases demonstrate that a simple trade secret policy or nondisclosure agreement with employees may not be enough. Companies should (1) take proactive steps to secure trade secrets and confidential information against theft and (2) take clear and consistent action to protect and recover data from departing employees. See, my colleagues’ summary for employers: Best Practices for Data Protection.
Panelists highlighted these steps to protect data from employee theft:
- Create a “culture of protection” by training employees on the importance of confidentiality, clearly defining what that information entails, and addressing how such information must be handled.
- Use clear, non-ambiguous policies for recovering any and all company property and information from departing employees. Consider limiting access to company information, systems and equipment immediately upon receiving an employee’s notice of departure.
- Set specific deadlines for return of company information stored on personal devices. Note that words like “promptly” may not be specific enough.
- Remember that data protection policies should also address the employee intake process. Take steps to avoid potential claims from former employers for theft of their trade secrets. A strong process can protect you from claims when employees you hire engage in wrongdoing.
NEED TO EVALUATE AND UPDATE PROTECTIONS IS ONGOING
Good data protection is not a once-then-done process. Panelists recommended the following:
- Periodically review your practices to ensure that only confidential and trade secret information is being treated as such, that only those employees with a need to know have access to the information, and that the information is secure.
- Electronic policies (banners) alerting employees to authorized uses of company computers and systems should be updated as new best practices emerge. For example, revising banner language can help companies avail themselves of emerging best practices under the Computer Fraud & Abuse Act.
BENEFITS OF AND BEST PRACTICES FOR WORKING WITH LAW ENFORCEMENT
Panelists stressed the value of having a good working relationship with law enforcement, such as the U.S. Department of Justice and the Federal Bureau of Investigation. The first call to law enforcement should not wait until a company experiences a theft. Rather, companies should establish connections and build relationships now. Panelists also noted that:
- Companies should contact law enforcement at their first suspicion of theft and not wait until after their civil actions against a former employee have stalled.
- Federal law enforcement agencies have tools that may quickly resolve an issue before a company experiences any damage. Such tools include the power of law enforcement to “knock and talk” to a suspect and access information through international treaties.
- The DOJ has developed this this guide for reporting an intellectual property crime. (A checklist for reporting a crime can be found beginning on page 15.)
DOJ AND FBI MAKE ECONOMIC ESPIONAGE A PRIORITY
Intellectual property protection is a high priority for both the DOJ and the FBI, and they have prepared information and training tools to help companies safeguard their trade secrets, proprietary information, and research. Panelists shared these key resources:
- The DOJ and FBI produced this guide to safeguard company trade secrets. The guide notes common theft tactics and insider threats that can help companies stay alert to possible internal and external threats.
- Business professionals traveling abroad should take precautions to ensure the safety and security of business information. This guide provides specific recommendations for doing so.
Overall, this was an engaging discussion that many of you are likely having in your organization. If you have thoughts to share, we would love to hear them. If you have concerns about trade secret protection or data loss prevention, contact us off-line for more information.
LBDS is a Texas developer of cardiac MRI technology. ISOL Technology Inc. is a manufacturer of MRI systems based in South Korea. According to a federal court complaint (LBDS Holding Company, LLC v. ISOL Technology Inc. et al., 6:11-cv-00428, (E.D. Tex. Aug. 16, 2011)), LBDS contracted with ISOL in 2008 to purchase MRI systems with ISOL agreeing to integrate LBDS’s proprietary technology into those systems. The agreement contained a non-disclosure provision and LBDS disclosed its technology to ISOL to assist with the integration project.
The relationship turned south in 2010 at a convention for the Radiological Society of North America. LBDS’s CEO attended the convention and saw a competitor’s booth displaying LBDS’s proprietary cardiac technology. To make matters worse, he saw ISOL management and engineers manning the competitor’s booth.
LBDS sued for breach of the non-disclosure provision, unfair competition, and misappropriation of trade secrets. LBDS alleged that ISOL took the cardiac technology and integrated it into the competitor’s system, even helping to market the new product in South Korea and, brazenly, at the trade convention. A Texas jury agreed with LBDS and awarded the company $25 million in damages.
While trade secret theft may conjure up images of rogue employees or shady outside actors, the LBDS case reminds us that trade secret theft can also occur when a company invites a contractor through the door.
When contracting with third parties it is important to:
- Review contracts to ensure information is protected by appropriate non-disclosure provisions;
- Perform due diligence on contractors, particularly those operating overseas;
- Carefully monitor projects that require the disclosure of trade secrets to third parties.
Although LBDS obtained a sizeable jury verdict, it couldn’t unring the bell – the competitor still received highly confidential information. The lesson is clear: be careful who you let in the door.
What steps does your company take to protect trade secrets when contracting with third parties?
Authored by David G. Waytz, Associate, Fredrikson & Byron, P.A. Thanks, David for the guest post!
As you may recall, we recently posted about the potential business impact of the relatively new app Confide (Confide – a New App Touted for “Off-the-Record” Business Discussions – Good or Bad for Business?). We promised we would follow up with some practical reminders about why you should insure that your policies are keeping abreast of technology. Corporate policies and employee education are often two of the most effective means of placing employees on notice of company expectations of behavior, communication, use of electronic resources, and protection of confidential information – just to name a few. But what happens when those policies don’t even contemplate certain employee behavior because they don’t address the technology behind the behavior? Will those policies be effective in light of emerging technology?
Let’s evaluate some of the policies and training regimes that could be implicated, and might need to be reviewed, in light of new technology, or apps, like Confide and Snapchat:
If you permit employees to access company systems on personal devices and those employees keep company contact information on that personal device, you might want to consider whether your BYOD policy should prohibit the use of certain applications that require access to that information. Permitting employees to use apps, which require the User to grant access to the User’s entire address book, could later impact your ability to prevent the employee, or others, from using or disclosing that contact information. We have raised this issue in the past when talking about the ease with which LinkedIn makes uploading your entire contact database (See Who Owns Your Company’s Social Media Profiles, Contacts and Content?).
You likely have a policy that prohibits improper use or disclosure of confidential or sensitive information (such as client or patient information). Those policies could be updated to specifically reference that disclosure of confidential or sensitive information via any app or text message is prohibited – including taking or sending pictures of such information. The policy should remind employees that all company information, whether generated through a personal or corporate device, belongs to the employer – not to the employee – and is subject to company policies limiting use and disclosure of such information.
Stakeholders from HR, IT and corporate legal should discuss which apps the company will prohibit on corporate owned devices. Those prohibited applications should be spelled out in the company software/application policies. There are many reasons for preventing the use of certain apps (think possible malware) but companies should also think about how employee use of an application which automatically destroys the data being transferred will impact employer obligations to control or retain such information, particularly those in highly regulated areas, such as financial services or health care.
Code of Conduct
An organization’s Code of Conduct often addresses an employee’s obligation to prevent theft of trade secret information. Such policies often discuss how trade secret theft occurs and how employees can actively assist the company in protection of its trade secret information. Such policies – which also often prohibit the unauthorized use or disclosure of trade secret information – should specify whether the use of apps, like Confide or Snapchat, to transfer trade secret information is prohibited by the Company.
Electronic Monitoring/Electronic Use Policies
A company’s electronic monitoring and/or electronic use policies often provide notice to employees that the company will monitor employee conduct while using company provided electronic resources. Such policies should address whether sending text messages or any similar communications to prevent detection of that communication is a violation of company policy, and that the company will take disciplinary action should it learn that employees are engaging in unauthorized text messages or other interactions. Additionally, employees should further be reminded they have no reasonable expectation of privacy in their communications – whether sent via an app or via work email. As with other policies, an employee should sign off on, consent to and acknowledge an understanding of this as a condition of employment.
As we have often said in the past, training and education is key to preventing unauthorized behaviors, as well as insuring employees understand what is or is not appropriate use of electronic devices that access your systems. Your training could address, for example, appropriate business communications for your industry (e.g. via business email) and possible inappropriate business communications (e.g. via personal email, or via apps, like Confide and Snapchat). I have found that demonstrating the potential negative consequences of using a particular mode of communication provides employees a better understanding of why that communication is prohibited, could result in harm to the company, or might be viewed as unprofessional in your industry.
Litigation Holds/Employee Claims/E-Discovery Policies
Businesses must also recognize that certain applications, like Confide, could pose problems for e-discovery and data retention in the event of litigation or a potential claim. Employee use of certain apps could also impact an employer’s ability to fully investigate employee/supervisor harassment and discrimination, or to monitor illegal or unethical conduct by employees. If employees are using non-company supported means of communicating business information, a policy should require those employees to disclose that fact to IT and/or legal to insure the company can later meet any legal or compliance-related obligations to store and retain certain data.
Think back to when your company did not need a social media policy because social media did not exist – and no one ever thought that employees would share company information to 500 of their closest friends…but now most companies have policies to address employee use of social media. Emerging technologies certainly make it difficult for IT, HR and corporate legal departments to keep on top of employee behavior and to keep company information safe. What are you doing to keep abreast of technology? As always, we welcome your input.
According to the Miami Herald, a Florida teenager’s Facebook posts cost her father an $80,000 settlement in an age discrimination case against his former employer, Gulliver Preparatory School.
The settlement, not surprisingly, contained a confidentiality clause requiring the “terms and existence” of the agreement to be kept private. Not letting this get in her way, the daughter, Dana Snay, posted to her 1,200 Facebook friends, “Mama and Papa Snay won the case against Gulliver. Gulliver is now officially paying for my vacation to Europe this summer. SUCK IT.”
After the school learned of the Facebook posts, its attorneys notified Snay that the school would not pay the settlement. Snay then sued to enforce the settlement, but the school appealed and won. With this, I wonder whether the breach of the confidentiality provision and subsequent refusal to pay voided the entire settlement. That is – does “Papa Snay” still have a claim against Gulliver – or did he lose the payment and any chance of asserting his claims?
As someone who drafts settlement agreements all the time and whose clients are often extremely concerned about confidentiality – just like the preparatory school in this case – it was nice to see the court conclude that a party’s breach of confidentiality can have serious consequences. This case also serves to underscore the need for everyone (including children) to “think before you post.”
Do you think the school made the right decision to void the settlement agreement or should they simply have let the post go?
Companies are increasingly being pressured to defend their data protection programs and make trade secret protection a top priority. This pressure arises from many sources, including, reports of corporate espionage by foreign governments, employees’ increased use of smart phones, tablets and external storage devices, and studies showing that a large percentage of departing employees take confidential company information with them when they leave a company’s employ. As a result, companies must evaluate whether their approach to protecting trade secrets is keeping pace with technological advances and whether they have established internal best practices. So what are some of those best practices? Here are just a few of the recommendations that have been created by and will be discussed by my colleagues Sten-Erik Hoidal and Timothy M. O’Shea at an upcoming seminar at Fredrikson & Byron (registration information below):
(1) Conduct a Data Protection Audit
Determine what information is confidential or trade secret, who has access to such information, and where it is stored.
(2) Deploy Security Measures And Policies
Use physical and electronic security measures such as access controls for the building and areas within the building, locked doors and cabinets, password protected files or encryption, ID badges for employees, restricting the location/time/and access to such information, and labeling documents as confidential and trade secret.
(3) Use Appropriate Contractual Protections
Include confidentiality clauses in employment agreements for those employees who will have access to confidential and trade secret information, and use a non-disclosure agreement with employees or any third parties given access to confidential data is critical for protecting confidential information and trade secrets.
(4) Implement Clear, Enforceable Policies Relating To Authorized Use Of Company Property
Implement an electronic use policy that alerts employees that computers are company property and remind them that the company reserves the right to monitor employees’ emails, internet, and computer use (i.e., that the employee has no expectation of privacy).
(5) Implement Procedures For Departing Employees
Conduct exit interviews, eliminate access to computer systems, require return of all company documents and information, and request acknowledgment that employee has complied.
These are just a few of the best practices relating to protection of your company data. If you are interested in learning more about how you can best protect your company data, consider joining us for this seminar on Thursday February 27, 2014 (registration link). In addition to some of the best practices above, the program will offer the following Practical Perspectives:
- Key lessons learned from recent trade secret cases about what evidence is important to support a civil or criminal case for trade secret theft or misappropriation of confidential information.
- How to work with law enforcement and the Department of Justice to seek criminal prosecution against former employees for trade secret and other data theft, as well as preventative best practices that will help support a criminal prosecution.
I will be moderating this discussion with a great group of panelists, including:
- Timothy C. Rank, Assistant U.S. Attorney, U.S. Department of Justice
- Tamara L. White, Supervisory Special Agent – Minneapolis Counterintelligence Program, Federal Bureau of Investigations
- Sten-Erik Hoidal, Attorney, Fredrikson & Byron, P.A.
- Timothy M. O’Shea, Attorney, Fredrikson & Byron, P.A.
The seminar will take place on February 27, 2014, at 7:30 a.m. (Registration and Continental Breakfast), 8:00 – 9:30 a.m. (Panel Discussion and Q&A) at Fredrikson & Byron, 200 South Sixth Street, 40th Floor
Minneapolis. If you are interested:
Click here to register for this seminar! We hope that you can make it so we can continue this discussion!
In early 2013, Snapchat, an app that allows users to send self-destructing photos, became the second-most popular iPhone app with approximately 50 million snaps a day. While Snapchat is aimed at a younger non-business audience (think teens sending “selfies” to their friends), we had recently been talking about the potential legal implications arising from employee use of Snapchat. In the midst of that discussion, along comes Confide. Confide is a free text-based iOS app that permits users to send text/email messages to others which disappear as soon as they are read by the receiving party (the app requires iOS 7.0 or later and is optimized for the iPhone 5).
Confide targets its service to professionals who want to discuss personal, business or legal issues without the fear of an evidentiary trail. In the “Frequently Asked Questions” section of its website, Confide provided its “good use cases for Confide” as follows:
1. Anytime you send an email or text saying “Confidential — don’t forward”
2. Anytime you respond to an email or text with “I’ll call you”
3. Anytime you say “Can you send me your personal email; I’d prefer this conversation not be on work servers”
The FAQ’s go on to state that good uses could include discussions about “[j]ob referrals, HR issues, deal discussions, and even some good-natured office gossip.”
I admit the thought of business messages being sent purposefully so that employees (including management) can have “off-the-record” discussions – that immediately disappear – causes some level of anxiety for the employment lawyer side of me. But, let’s look at how this app works before I provide any thoughts on its business use.
So – in light of all of those features, what do businesses need to be thinking about in deciding whether to embrace or reject this new technology?
- Confide grants users the ability to engage in private communications that won’t be stored anywhere. This could be used for communications that really don’t need to be permanently recorded, such as where to meet for lunch, whether you are attending a particular meeting, or the like.
- The impermanence might be also be good if employees are simply venting to each other about the workplace – providing an outlet for employees to let off harmless steam without those remarks coming back to haunt them, or their employer.
- Confide grants users the ability to engage in private communications that won’t be stored anywhere. This feature and the app’s impermanence might raise problems for businesses required by law to retain certain types of records or preserve documents or data for litigation purposes, or which are are prohibited from engaging in certain types of communications.
- From an employment standpoint, these ultra-private communications could lead to inappropriate discussions between employees – leaving the employer left with trying to work out a “he said, she said” situation without any concrete evidence.
- Confide requires the user to grant complete access to their Address Book. This should raise concerns for companies seeking to protect certain contact information – such as client information. Clients too might not appreciate their contact information being shared freely with Confide.
- Employees may also make improper use of the app – whether to share confidential information, to make plans to go work for a competitor to name just a few, to share confidential information with that competitor, to discuss important internal matters that really ought to be recorded in some fashion, and the list goes on.
In light of the pros and cons above, businesses will have to decide whether they want to encourage “off-the-record” discussions between employees and permit the use of apps like Confide. At the very least, the advent of apps like Confide should serve as a reminder for business to take affirmative steps to keep current with all new technologies to protect business interests, trade secrets, and regulatory and legal obligations. Our next post will address some affirmative actions you can take to stay on top of new technologies.
Does your business or its employees use applications like Confide? If so, how do you regulate the use, and the disappearing nature of the documents? As always, we are interested in your thoughts.
We are always pleased to present posts from our colleagues in Fredrikson & Byron’s Employment & Labor group. This week, we are happy to re-post our colleague Krista Hatcher’s article relating to an employer’s inquiry into an applicant’s criminal history in light of Minnesota’s recent “Ban the Box” law. We thought her commentary relating to online applications may be of particular interest to our readers – so please do read on!
New Guidance from MDHR on “Ban-the-Box” Law, by Krista Hatcher
Minnesota’s new “Ban the Box” law prohibits most employers in Minnesota from inquiring into an applicant’s criminal history until after selecting the applicant for an interview or making a conditional offer of employment. The Minnesota Department of Human Rights, which enforces the new law, recently presented a Ban the Box webinar and published a Technical Guidance document. Although the MDHR’s interpretation is not binding on courts, which may disagree with the agency and construe the law differently, there are a few takeaways that employers may find instructive.
Compliance Will Not Insulate Employers from Discrimination Claims
Minnesota’s Ban the Box law regulates the timing of criminal history inquiries. Even if an employer complies with Ban the Box, however, its use of criminal history information may result in liability if it discriminates against individuals in protected classes. The MDHR suggests employers review the EEOC’s Enforcement Guidance on the Consideration of Arrest and Conviction Records in Employment Decisions Under Title VII of the Civil Rights Act of 1964, which says that employers should either: (1) have their criminal history screening practices validated in accordance with EEOC Uniform Guidelines on Employee Selection Procedures; or (2) develop a targeted screening process that takes into consideration at least the nature of the crime, time that has elapsed, and nature of the job for which the individual is applying, and provides for an individualized assessment. Employers that fail to comply with one of these two methods may face claims that their exclusion of applicants based on a criminal record is discriminatory.
Multi-state Employers May Use a Single Electronic Application That Contains a Clear and Unambiguous Disclaimer
According to the MDHR, employers that have operations in multiple states may continue to use a single electronic application, but must clearly and unambiguously inform Minnesota applicants that they need not answer criminal background questions on the application. The MDHR recommends that such language be in bold text and a different font, and cautions that if a Minnesota applicant does answer a criminal background question on the application the employer should not use or track the information. Although the MDHR did not discuss the use of paper applications by multi-state employers, the implication seems to be that a disclaimer on the application would be insufficient and multi-state employers should use a separate paper application in Minnesota that does not include any criminal history inquiries.
For more information on this issue, please see Ingrid Culp’s article, “New Minnesota Law Will Render Most Employment Applications Now In Use Unlawful.” For assistance with complying with the Ban the Box law or other questions related to background checks, please contact an attorney in Fredrikson & Byron’s Employment & Labor Law Group.
Teresa is the Chair of Fredrikson’s Non-Competes and Trade Secrets Group, and an MSBA Certified Labor and Employment Law Specialist. She counsels business clients on risk management and policy development relating to employee use of technology, and also litigates their business and employment disputes. Teresa trains, writes and lectures extensively on legal issues arising from business use of technology and social media.