Thank you to Jonathan Schaefer for his contributions to this post. Jon focuses his practice on environmental compliance counseling, occupational health and safety, permitting, site remediation, and litigation related to federal and state regulatory programs.

On June 21, 2021, OSHA made big news by publishing its COVID-19 Emergency Temporary Standard for the Healthcare Industry (ETS). While the ETS does not apply to most manufacturing facilities, OSHA also updated its general COVID-19 guidance earlier this month.

This guidance is intended to assist all employers and workers not subject to the ETS in mitigating the spread of COVID-19. The main recommendations in the guidance are summarized below:

  • Workplaces with Fully Vaccinated Employees. Employers no longer need to take as many steps to protect fully vaccinated employees from COVID-19. However, unvaccinated or at-risk workers still need to be protected. As such, employers are strongly advised to support their employees in getting vaccinated by granting them paid time off to receive the vaccine and paid time off to recover from any of vaccine side effects.
  • Protecting Unvaccinated or At-Risk Employees:
    • Work from home. Any COVID-19 infected workers, or ones who have had close contact with someone who tested positive for COVID-19, should work from home, or receive paid time off as needed.
    • Physical distancing. Unvaccinated and at-risk workers should maintain a 6 feet distance from others, or be separated at fixed workstations behind transparent shields or other solid barriers.
    • Facemasks. Employers should provide facemasks at no cost for their unvaccinated and at-risk workers. Employers should also suggest that unvaccinated visitors wear facemasks in the workplace.
  • Other workplace safety guidelines:
    • Educating Employees on COVID-19. Managers should be trained on COVID-19 transmission risks and be frequently updated on any workplace COVID-19 policies. Employees should also be informed of their rights to protection against COVID-19 in the workplace.
    • Ventilation Systems. Employers should maintain adequate ventilation systems. Air filters with a Minimum Efficiency Reporting Value (MERV) 13 or higher should be installed where feasible.
    • Cleaning and disinfection. If someone who has been in the facility within 24 hours is suspected of having or confirmed to have COVID-19, the CDC cleaning and disinfection recommendations should be followed.
    • Record and report. Employers are responsible for recording work-related cases of COVID-19 illness on Form 300 logs. Employers must also follow regulatory requirements when reporting COVID-19 fatalities and hospitalizations to OSHA.
    • Retaliation. No employees should be discharged or discriminated against for raising a reasonable concern about workplace COVID-19 infection, or exercising any of their rights under the COVID-19 policies and procedures.
    • Other applicable mandatory OSHA standards. All of OSHA’s standards that apply to protecting workers from infection remain in place. These mandatory OSHA standards include: requirements for personal protective equipment, respiratory protection, sanitation, protection from bloodborne pathogens, OSHA’s requirements for employee access to medical and exposure records and, of course, the General Duty Clause.

This post was authored by Linn Foster Freedman and is also being shared on our Data Privacy + Cybersecurity Insider blog. If you’re interested in getting updates on developments affecting data privacy and security, we invite you to subscribe to the blog.

Since the Colonial Pipeline and JBS meat manufacturing security incidents, attention is finally being paid to the cybersecurity vulnerabilities of critical infrastructure in the U.S. and in particular, the potential effect on day to day life and national security if large and significant manufacturers’ production are disrupted. In the wake of these recent incidents in the manufacturing sector, Unit 42 of Palo Alto Networks has published research that may be considered a warning to the manufacturing sector and is worth notice. The warning is about the activities of Prometheus, “a new player in the ransomware world that uses similar malware and tactics to ransomware veteran Thanos.”

According to the Executive Summary, Unit 42 “has spent the past four months following the activities of Prometheus” which “leverages double-extortion tactics and hosts a leak site, where it names new victims and posts stolen data available for purchase.” Prometheus claims to be part of REvil, but Unit 42 says it has “seen no indication that these two ransomware groups are related in any way.” Unit 42 further states that Prometheus claims to have victimized 30 organizations in different industries, in more than a dozen countries, including the U.S.

Prometheus came on the scene in February 2021 as a new variant of the strain Thanos. Unit 42 is unable to provide information on how the Prometheus ransomware is being delivered, but surmise that it is through typical means, such as “buying access to certain networks, brute-forcing credentials or spear phishing for initial access.” It then first kills backups and security processes and enables the encryption process. It then “drops two ransom notes” that contain the same information about the fact that the network has been hacked and important files encrypted and instructions of how to recover them. If the ransom demand is not met, the data will be published on a shaming site and publishes the “leak status” of each victim. According to Unit 42 “[M]anufacturing was the most impacted industry among the victim organizations we observed, closely followed by the transportation and logistics industry.”

What we have seen in the past is that when ransomware groups are successful in one industry, they use the information learned from initial attacks to target other companies in that sector. They leverage the knowledge from one attack to future attacks assuming that since the first one was successful, subsequent attacks will be successful as well. Since industry specific networks are similar, it is seamless to attack one victim, learn from it, then leverage that knowledge to attack similarly situated victims.

With threat attackers’ focus on the manufacturing sector right now, we anticipate seeing more attacks against manufacturers from groups such as Prometheus.

Last week, Coca-Cola was sued by Earth Island Institute for deceptive marketing regarding its sustainability efforts “despite being one of the largest contributors to plastic pollution in the world.”

In the Complaint, Earth Island Institute, a not-for-profit environmental organization, alleges that Coca-Cola is deceiving the public by marketing itself as sustainable and environmentally friendly while “polluting more than any other beverage company and actively working to prevent effective recycling measures in the U.S.” Coca-Cola has developed a number of initiatives to advertise its commitment to plastic waste reduction and recycling, in part through its “Every Bottle Back” and a “World Without Waste” campaigns. It touts its goal to collect and recycle one bottle or can for each one it sells by 2030. Coke also claims that its plastic bottles and caps are designed to be 100% recyclable. The Complaint presents a number of examples of these allegedly misleading statements across a range of mediums, including on its website, in advertising, on social media, and in other corporate reports and statements.

Meanwhile, according to the Complaint, Coca-Cola is the world’s leading plastic waste producer, generating 2.9 million tons of plastic waste per year. It uses about 200,000 plastic bottles per minute, amounting to about one-fifth of the world’s polyethylene terephthalate (PET) bottle output. This plastic production also relies on fossil fuels, resulting in significant CO2 emissions.

This waste generation is complicated by significant deficiencies in recycling. Despite the public’s common understanding that plastic bottles can be recycled, only about 30 percent of them actually are. According to the Complaint, the plastics industry has long understood this problem, but it has sought to convince the consumer that recycling is viable and results in waste reduction. The Complaint even quotes former president of the Plastics Industry Association as saying, “If the public thinks that recycling is working, then they are not going to be as concerned about the environment.”

The Complaint alleges that not only has Coca-Cola failed to implement an effective recycling strategy, it has actively opposed legislation that would improve recycling rates. According to the Complaint, Coke has actively fought against “bottle bills”—laws that would impose a small fee on plastic bottle purchase that would be returned to the consumer when that bottle is returned to a recycling facility. Jurisdictions with these laws tend to have better recycling rates, albeit at a small additional cost to the consumer at the point of purchase.

The Complaint does not allege that Coke has violated any environmental laws. Instead, Earth Island Institute seeks to hold Coke accountable under the Washington, D.C. Consumer Protection Procedures Act. The Complaint alleges that Coca-Cola’s misrepresentations mislead consumers, and that Coke’s products “lack the characteristics, benefits, standards, qualities, or grades” that are stated and implied in its marketing materials. Earth Island Institute does not seek damages; it only seeks to stop Coca-Cola from continuing to make these statements.

This case is the latest example of ESG—Environmental, Social, and Governance—factors playing out in practice.

This week’s post was co-authored by Robinson+Cole Labor and Employment Group lawyer Emily A. Zaklukiewicz.

More than one year after the start of the COVID-19 pandemic, wearing face masks and social distancing continue to be the “new normal.” Manufacturers, while familiar with health and safety protocols related to their operations, have had to navigate a new set of protocols aimed at maintaining a safe workplace during the global pandemic. Widespread vaccine distribution has been underway for several months and it has prompted public health authorities and governments to begin relaxing mandates and rules related to workplace safety. Many employers, including manufacturers, are now facing the challenge of maintaining a safe workplace for both vaccinated and unvaccinated individuals, in light of these changes. Continue Reading Masks, Safety Measures & Manufacturers

As we reported at the beginning of the year, President Biden has been making environmental justice one of his priorities since long before he took office. The United States Environmental Protection Agency (EPA) recently took a step to add some teeth to the Biden Administration’s commitment to increase environmental enforcement in communities disproportionally impacted by pollution.

On April 30, 3031, the Acting Assistant Administrator of the EPA issued a memorandum to strengthen enforcement in communities with environmental justice concerns. The enforcement memo calls upon EPA to use existing resources to help protect these communities and advance the Administration’s environmental justice goals. The memo calls for:

  • Increased facility inspections in overburdened communities.

EPA reportedly plans to gather inspection-related data in order to develop new inspection goals to protect communities impacted by environmental concerns, and intends to evaluate national and regional programmatic inspection priorities to determine which ones address the most significant threats to these communities. It then plans to gather information about the number and nature of inspections that have occurred over time in communities with environmental justice concerns. Once that information is gathered, EPA will set new inspection goals to ensure that environmental justice concerns are being prioritized.

  • Strengthen enforcement in overburdened communities by resolving environmental noncompliance by using remedies that provide tangible benefits for the community.

According to the memo, EPA wants to start thinking more creatively to solve environmental issues through settlements that not only penalize the polluter, but also actually provide a benefit to the impacted community. In addition to traditional penalties and injunctive relief, EPA plans to seek more creative compliance measures, such as fence-line monitoring and other transparency tools. Further, EPA would like to significantly increase the use of supplemental environmental projects (SEPs). SEPs allow EPA to redirect money from what a polluter could have paid as a penalty into environmental benefit projects that have a direct impact on the community. While the prior administration had limited the use of SEPs, the Department of Justice is reevaluating that rule, and if it is repealed, the memo directs EPA staffers to “actively consider” the use of SEPs.

  • Increase engagement with communities about enforcement cases that most directly impact them.

EPA knows that an informed community is an engaged community, and the memo looks to increase and enhance efforts to provide information to communities about the enforcement cases that impact them. EPA plans to accomplish this goal through public meetings, press releases, and online resources. EPA also would like to increase opportunities for communities to actually engage in the development of cleanup and reuse agreements. EPA acknowledges that these communications plans will likely need to be developed on a case-by-case or regional basis but, through increased information, EPA expects that these communities will be better able to manage risk as well as monitor compliance at local facilities.

This week we are pleased to have a guest post from Edward Heath and Kevin Daly. Attorneys Heath and Daly are members of Robinson+Cole’s Manufacturing Industry Team and regularly counsel clients on export control and anti-corruption compliance.

Earlier this month, it was announced that Honeywell International, Inc. (Honeywell) had entered into a $13 million administrative settlement with the U.S. government to resolve allegations of export control violations related to aerospace and defense technical data (specifically engineering prints for castings and parts for aircraft, gas turbine engines, and military electronics). Following a self-disclosure by Honeywell to the federal government, the State Department alleged that the company committed 34 violations of the Arms Export Control Act (AECA) and International Traffic in Arms Regulations (ITAR) in connection with data exported to recipients in Canada, Mexico, Ireland, China, and Taiwan without required government approval.

The most significant takeaway from this settlement is the leniency that Honeywell earned by virtue of its self-disclosure, cooperation with the State Department’s follow-up inquiries, and prompt self-policing. First, because maximum civil penalties for these alleged AECA and ITAR violations are just over $1.1 million per violation, Honeywell would have faced over $37.4 million in aggregate civil penalties based upon the allegations. Second, the government cited the voluntary disclosure as a reason that it did not seek to debar Honeywell from participation in government programs. Finally, the government agreed that $5 million of the $13 million settlement payment is suspended on the condition that Honeywell uses that amount to fund the compliance upgrades prescribed by the settlement agreement.

While any potential self-disclosure of suspected international trade compliance violations requires careful and thoughtful analysis, this latest AECA/ITAR settlement suggests that the Biden Administration may place significant value on corporate candor and cooperation.

Below is an excerpt of an article co-authored with Emily A. Zaklukiewicz, a member of Robinson+Cole’s Labor, Employment, Benefits + Immigration Group, that was published in ISHN on May 6, 2021.

Drug testing in the workplace, especially in the manufacturing industry, has become a common part of pre-employment screening and health/safety measures in the workplace, which may include random, post-accident, and reasonable-suspicion testing. That being said, many employers are re-thinking their testing approach in light of legal changes and societal shifts related to drug use and, more specifically, marijuana use. In recent years, as the number of states legalizing medical and/or recreational marijuana has grown, manufacturers have been grappling with how to comply with their legal obligations while also balancing the need to maintain a safe workplace, attract qualified applicants, and avoid potentially unnecessary pre-hire screening. Read the full article.

One of the IndustryWeek articles that always grabs my attention is “Top 10 Most Corrupt Countries of 2021.” Obviously, there is an immediate incentive to check the list and see if you do business (or even can do business) in any of the countries listed.

Leaving the list aside, one trend for manufacturers that operate globally that always seems to be an issue is deciding how to sell products in other countries. Some manufacturers open sales offices; others pursue joint ventures. Some manufacturers have distributors, while others have authorized sales representatives.

There are key differences among all of these options, but many of our clients continue to express frustration with the “results” they are getting. Some manufacturers enter into financial agreements that never seem to work out. Or, alternatively, they negotiate exclusivity that isn’t very exclusive.

The bottom line is that as the agreements renew, it is important to assess whether changing to a different model makes sense, particularly in countries where there can be compliance challenges (such as bribery) that can impact a business in a significant way.

Thank you to Jonathan Schaefer for this post. Jon focuses his practice on environmental compliance counseling, occupational health and safety, permitting, site remediation, and litigation related to federal and state regulatory programs.

Growing evidence suggests that corporate focus on ESG—Environmental, Social, and Corporate Governance—may offer short- and long-term advantages to both companies and investors. These advantages are in addition to and apart from the residual benefits to society-at-large that may be created by a company with a strong ESG performance.

While some may view ESG as a set of factors used solely by socially conscious investors to screen potential investments or environmentalists to pressure a company into changing its operations, ESG is becoming an increasingly mainstream set of criteria. Investors are starting to focus on ESG to forecast and manage risks, and corporate leaders are looking to ESG for marketing and production efficiency.

What is ESG?

ESG stands for Environmental, Social, and Corporate Governance. The term refers to the three central factors in measuring the sustainability and societal impact of an investment in a company. For many, the term ESG brings to mind environmental issues like sustainability, climate change, and resource scarcity. These issues form an important element of ESG, but ESG means so much more. The environmental pillar of ESG looks at how a company performs as a steward of the environment. The social pillar examines how a company manages its labor practices, talent, product safety, data privacy, and relationships in its local communities. The governance pillar deals with a company’s leadership, executive and board compensation, internal audits and controls, anti-corruption, and shareholder rights.

ESG criteria may help to better determine the future financial performance of companies by balancing risk and return in the context of how a company’s business handles or interacts with these environmental, social, and corporate governance issues.

Recent Federal Activity

Despite this increased focus, some may still believe that ESG is not mainstream enough to justify spending limited corporate time and resources on it. For companies that are subject to regulation by the U.S. Securities and Exchange Commission (SEC), that perception may be changing. The SEC issued guidance in 2010 advising companies to disclose climate change-related developments that are material to their businesses. But that guidance does not carry the force of law, and it gives companies leeway to decide what is and is not material. The disclosures can either paint a rosy picture (when a company is likely to save money by switching to renewable energy) or a gloomy one (when a company has operations in flood zones that are facing rising waters). Currently, companies also do not have to reveal any quantitative data about their greenhouse gas emissions to the SEC.

However, the SEC recently announced that it would increase scrutiny of how thoroughly companies evaluate and disclose ESG risks, specifically climate change, and the impacts such risks may have on operations. The SEC’s new Climate and ESG Task Force will seek to uncover wrongdoing by looking for gaps or misstatements in a company’s reporting about climate risks under current rules. In addition, the Task Force will look for potential disclosure and compliance problems concerning the ESG strategies of investment advisers and funds.

In addition to creation of the Task Force, both the Acting Chair of the SEC and President Biden’s nominee to chair the SEC have signaled that establishing a mandatory, comprehensive framework for public company reporting of ESG issues could be forthcoming.

This week’s article was co-authored with Alisha N. Sullivan and Emily A. Zaklukiewicz who are members of Robinson+Cole’s Labor, Employment, Benefits + Immigration Groups.

Although millions of people in the United States have been vaccinated since COVID-19 vaccine distribution began in December 2020, a large percentage of the population still remains unvaccinated. Many lawmakers and companies are brainstorming ways to remove barriers to individuals obtaining the vaccine, especially frontline workers who remain at a higher risk of COVID-19 exposure and infection. One such barrier is the time away from work that may be required to obtain the vaccination and the risk that the time will be unpaid. Many employers, including manufacturers, are questioning whether they must, or should, provide employees with paid time off for time spent related to obtaining the COVID-19 vaccine. Continue Reading Are Employers Required to Pay For Employee Time Spent Receiving COVID-19 Vaccine?