Search results for: sec

This week we are pleased to have a guest post from Edward Heath and Kevin Daly.  Attorneys Heath and Daly are members of Robinson & Cole’s Manufacturing Industry Group and regularly counsel clients on anti-corruption compliance.

A Brief Overview of the FCPA

The Foreign Corrupt Practices Act (FCPA) is a federal statute that prohibits United States companies and individuals from bribing foreign government officials in order to gain or retain business.  It is a major civil and criminal enforcement priority for the federal government.  Each year, the aggregate amount of penalties paid under the FCPA totals hundreds of millions of dollars.

Although it is well known that the FCPA applies to U.S. companies and U.S. individuals (e.g., U.S. citizens and residents) there is a common misconception that its reach ends at our borders.  However, there are some circumstances where the FCPA can reach individuals outside of the U.S.  Foreign persons who act as the agents, employees, officers, directors or shareholders of U.S. companies can be held liable under the FCPA.  Foreign persons who commit an FCPA violation while in the U.S. are also covered.

Recent Court Decision Addresses Geographic Reach 

The United States Court of Appeals for the Second Circuit’s recently issued a decision affirming this point.  United States v. Hoskins arose out of an alleged bribery scheme involving Alstom, S.A. (“Alstom”), a global company based in France that operates in the power and transportation industries.  Specifically, the government claims that Alstom and several of its subsidiaries (including UK-based and U.S.-based subsidiaries) bribed Indonesian government officials in order to obtain a $118 million power contract from the Indonesian government.  The government contends that Mr. Hoskins, while working in France for Alstom’s U.K. subsidiary, was one of the people responsible for approving and authorizing the alleged bribes.  Although parts of the alleged scheme occurred within the U.S. (e.g., payments were made from U.S. bank accounts), and some co-conspirators were based in the U.S., Mr. Hoskins never traveled to the U.S., never was employed by Alstom’s U.S. subsidiary, and is not a U.S. citizen or resident.

The government charged Mr. Hoskins with violating the FCPA, alleging that he conspired and aided and abetted in FCPA violations committed by others.  The Second Circuit, however, rejected the government’s theories.  The court held that Congress set the limits on the geographic reach of the FCPA in the statute, and that the scope cannot be expanded  through accomplice or conspiracy liability theories to reach persons, like Mr. Hoskins, who are beyond the geographic reach of the statute.

Nonetheless, the court held that he can be tried on the theory that he acted as an agent for Alstom’s U.S. subsidiary.  Agents of U.S. companies are explicitly covered by the FCPA, regardless of whether they are U.S. citizens or residents.  To convict on such a theory, the government would be required to prove that that Hoskins was an agent of Alstom’s U.S. subsidiary.

While Hoskins is only binding within the Second Circuit (Connecticut, New York, and Vermont), and the government is evaluating further appellate options, it poses an obstacle to government efforts to expand FCPA liability beyond the specific categories of foreign persons enumerated in the statute.

 

Inogen, which manufactures portable oxygen devices, has alerted the Securities and Exchange Commission in a recent filing that it is notifying 30,000 individuals that their personal information was compromised when a hacker gained access to one of its employees’ email accounts through a phishing scheme. Continue Reading Manufacturing Sector Getting Hit with Cyber-Attacks: Portable Oxygen Device Manufacturer Notifies 30,000 Patients of Breach

The 2016 Manufacturing Report by Sikich finds that there has been a progressive growth in cyber-attacks in the manufacturing sector. This is consistent with the most recent IBM /X-Force Research 2016 Cyber Security Intelligence Index, which  notes that the manufacturing industry represents the second most attacked industry, just behind health care.

Manufacturing companies often don’t believe that they are targets since they do not hold vast amounts of consumer data. Therefore, they do not concentrate on cybersecurity and remain vulnerable. These two reports show that the risk of a cyber-attack is high and real to the manufacturing sector.

According to the Sikich report, the risks to the manufacturing sector include:

  • Operational downtime
  • Physical damage
  • Product manipulation
  • Theft of intellectual property and sensitive data

 These reports are a dose of reality to the manufacturing sector that it is under attack, and the threats and risks of cyber intrusions are real and are not dissipating. Addressing these risks and the potential devastating consequences are critical for any company in the manufacturing sector.

This post was authored by Linn Foster Freedman and is also being shared on our Data Privacy +Security Insider blog. If you’re interested in getting updates on developments affecting data privacy and security, we invite you to subscribe to the blog.

Last month, we posted about the United States Senate’s passage of the Defend Trade Secrets Act of 2016.  Breaking news:  It passed.  Thanks to members of our Labor & Employment (Ian Clarke-Fisher) and Intellectual Property Litigation groups (Jim Nault) for this guest post.

On May 11, 2016, President Barack Obama signed the Defend Trade Secrets Act of 2016 (the “DTSA”), providing a federal civil cause of action for the misappropriation of trade secrets under the Economic Espionage Act.  Both the Senate and House of Representatives passed the DTSA with near unanimous support in April.  A link to the DTSA can be found here.

Moving forward, the DTSA appears to provide manufacturers with a new avenue to address a wide range of trade secret issues.  In addition, in light of the notice requirement contained in the DTSA, employers should review their confidentiality agreements, provisions, and policies to determine how best to navigate the new law.

For companies with trade secrets “related to a product or service used in, or intended for use in, interstate or foreign commerce,” the DTSA provides the following important provisions, among others:

·        Federal Civil Action.  The DTSA creates a federal civil cause of action, giving original jurisdiction to  United States District Courts.  This will allow companies to decide whether to bring claims in federal or state courts, and may have the net effect of moving most trade secret litigation to federal courts.  Such a move will invariably include federal supplemental jurisdiction for claims for breach of contract, related common law claims, and state statutory claims.  Importantly, similar to federal employment laws, the DTSA does not supersede state trade secret laws.

·        Seizure of Property.  The DTSA includes a provision that permits the Court to issue an order, upon ex parte application in “extraordinary circumstances,” seizing property to protect against to improper dissemination of trade secrets.  Interestingly, the DTSA permits such an order only if the moving party has not publicized the requested seizure.  If granted, the Court is required to schedule a seizure hearing and the moving party will be required to provide security in an amount to be determined by the Court for the payment of any possible damages suffered as the result of a wrongful or excessive seizure.

·        Damages and Attorney’s Fees.  In addition to the seizure of property and injunctive relief, the DTSA permits for the recovery of damages for actual losses and unjust enrichment, and allows for exemplary (double) damages trade secrets that are “willfully or maliciously misappropriated.”  The DTSA also provides for the recovery of reasonable attorney’s fees in limited instances, including if the Court determines that the claims of misappropriation were brought in bad faith.

·        Whistleblower Protections and Notice Requirement.  The DTSA further includes civil and criminal immunity under federal and state trade secret laws for any disclosures made to a governmental agency for the purpose of reporting or investigating a legal violation or filed in a lawsuit, if such filing is made under seal.  Furthermore, and having likely broader application, the DTSA requires that an employer provide notice of these protections in any employment agreement governing confidential information or provide a cross-referenced policy document setting forth the employer’s reporting policy.  Failure to comply with the notice requirement prohibits the recovery for exemplary damages and attorney’s fees under the DTSA.

We welcome a guest post this week from Nuala Droney and James Nault, who are members of Robinson + Cole’s Intellectual Property Litigation Practice Team.

This week, the United States Senate passed the Defend Trade Secrets Act of 2016, which, if passed by the House and signed into law by President Obama, would give trade secret owners, including manufacturers, a federal private right of action for theft of trade secrets for the first time.  The law provides for the award of damages for trade secret theft as well as injunctive relief.  It even includes a provision allowing a court to grant ex parte expedited relief to trade secret owners under extraordinary circumstances to preserve evidence or prevent dissemination of the trade secret.  The ex parte provision, as DuPont’s Chief Intellectual Property Counsel put it in a Senate hearing, “enables a trade secret owner under limited, controlled conditions, to proactively contain a theft before it progresses and the trade secret is lost.”

Trade secrets are a form of intellectual property that are of increasing importance to many manufacturers for a variety of reasons.  A trade secret can be any information that is (i) valuable to a company, (ii) not generally known, and (iii) not readily ascertainable through lawful means, as long as the trade secret holder has taken reasonable precautions to protect it.  A classic example of a trade secret is the formula for Coca-Cola.  A more recent example is DuPont’s innovative Kevlar product, which was the subject of a large scale trade secret theft in 2006.  Trade secret theft is a huge problem; a recent Pricewaterhouse-Coopers study showed that trade secret theft costs American businesses $480 billion a year.

To sue someone for trade secret theft, a trade secret owner must prove that (i) the information stolen qualifies for  trade secret protection (i.e. it meets the above definition), (ii) the trade secret owner took reasonable precautions to protect the information, and (iii) the alleged thief misappropriated the trade secret, i.e. took it unlawfully, or as one legal textbook puts it, “through deception, skullduggery, or outright theft.”  Robert P. Merges, Peter S. Menell, and Mark A. Lemley, Intellectual Property in the New Technological Age, Revised Fourth Edition 2007.  And while there are federal claims for the theft of other forms of intellectual property, such as claims for patent or copyright infringement, traditionally trade secret theft has been the exclusive domain of state law.  This is despite the fact that interstate or international trade secret theft has been a federal crime since 1996.  If it becomes law, the Defend Trade Secrets Act of 2016, would give manufacturers a direct route to federal court to defend their trade secrets.

 

Many manufacturers have found themselves in the position of negotiating an order with an environmental agency over environmental conditions at a site. Oftentimes, these orders are the result of extensive negotiations, and they set the regulated entity on a long and detailed path of investigation and/or remediation. The environmental agency issuing the order often wants assurances from the regulated entity that it will complete the work and be able to pay for it. But what assurances does the regulated community get from the environmental agency that the work conducted will be sufficient?

A recent Connecticut case demonstrates the lack of security provided by government orders, perhaps to a greater degree than previously thought. The facts of Commissioner v. BIC Corporation detail a scenario where an environmental agency – the Connecticut Department of Energy and Environmental Protection (“DEEP”) – revoked a consent order a decade after its issuance.

DEEP issued a consent order to BIC Corporation (“BIC”) in 2003, which was modified in 2004, for the investigation of certain properties. Over the course of the next decade, BIC installed 30 groundwater wells and analyzed 786 soil samples as part of the investigation. BIC submitted numerous reports to DEEP detailing the investigation, all of which were approved.

In 2011, DEEP obtained notes from interviews with past BIC employees and, on the basis of those notes, revoked its prior approvals of the reports submitted by BIC. DEEP requested that BIC conduct additional studies and, when BIC refused, DEEP filed a lawsuit alleging that BIC failed to comply with the order. BIC counterclaimed against DEEP, alleging that DEEP breached the order.

Three years after filing its suit, DEEP revoked the order and withdrew its complaint against BIC, denying BIC the opportunity to demonstrate to the court that it complied with the order. The court dismissed the action for lack of jurisdiction, leaving BIC to deal with DEEP on an administrative level. While the court determined it did not have jurisdiction over BIC’s counterclaim, it did have some cautionary words for DEEP, stating:

One wonders whether the commissioner’s tactics may have the undesired and surely unintended consequence of precluding resolution of other cases in the future.

While the DEEP has the power to revoke an order, the facts in Commissioner v. BIC Corporation leave a regulated entity with little certainty that its hard work to investigate a site – with input and approvals from an environmental agency – will result in any sort of certainty or finality. When an entity commits to investigate the environmental conditions at a site under an order, it is making a commitment of time and money to do so. This recent case law may leave the regulated community questioning whether such a commitment is prudent.

With the new year comes a new focus on increasing criminal prosecutions against employers for worker safety violations.  In the end of December, the Department of Justice (“DOJ”) and the Department of Labor (“DOL”) announced a plan to deter workplace safety violations through more stringent criminal prosecution.  Under the new plan, the DOJ will work with the Occupational Safety and Health Administration (“OSHA”), the Mine Safety and Health Administration (“MSHA”), and the Wage and Hour Division (“WHD”) to prosecute worker endangerment violations.

Criminal penalties under the Occupational Safety and Health Act (“OSH Act”) are fairly limited, with imprisonment capped at 6 months and fines capped at $10,000.  As part of the new plan, DOJ is encouraging all United States Attorneys to charge employers for other violations that occur in connection with OSH Act violations, such as obstruction of justice, making false statements, witness tampering, and conspiracy.  United States Attorneys are also encouraged to consider environmental crimes, which often occur in concurrence with worker safety violations.  These offenses carry more significant periods of incarceration and fines.

Assistant Attorney General John C. Cruden for DOJ’s Environment and Natural Resources Division said:

We have seen that employers who are willing to cut corners on worker safety laws to maximize production and profit, will also turn a blind eye to environmental laws.  Working with our partners in the Department of Labor and law enforcement, we will remove the profit from these crimes by vigorously prosecuting employers who break safety and environmental laws at the expense of American workers.

Many environmental laws contain broad requirements that can easily be tacked on to a case involving worker safety.  For example, the Clean Air Act’s General Duty Clause requires owners and operators of stationary sources to identify hazards that may result from releases of extremely hazardous substances, design and maintain a safe facility taking necessary steps to prevent releases, and minimize the consequences of releases when they do occur.  This general duty is extremely broad, particularly given the fact that “extremely hazardous substances” is not defined.

United States Attorneys will have a designated Criminal Coordinator from the DOL.  United States Attorneys are encouraged to work with this Criminal Coordinator “to increase the frequency and effectiveness of criminal prosecutions of worker safety violations . . . .”

Given the broad scope of environmental laws, identifying ancillary violations to bolster worker safety violations may not be that difficult.  In addition, DOJ has trained OSHA inspectors to recognize other criminal violations.  Given DOJ and DOL’s recently announced focus on increasing criminal penalties, employers should be aware of all possible violations that could be used to bolster worker safety violations.

The post below is a follow-up to an earlier post written by my colleagues, Edward Heath and Kate Dion. Edward is my partner and is Chair of Robinson + Cole’s White-Collar Defense and Corporate Compliance Practice. Kate is a litigation associate who routinely handles government and internal investigations for manufacturing clients.

In the wake of reports about the government’s investigation of Blue Bell Creameries, the United States Department of Justice has issued an ominous warning to food companies: compliance failures will be aggressively prosecuted.

Last week, the third highest-ranking DOJ official announced that food safety investigations and prosecutions are a priority for the agency.  Noting that both companies and individual employees are subject to prosecution, the DOJ official directed his comments to senior management: “It is easy to think — that could never happen at my company. It is easy to think — that could never be me.”

He then added:

Even a single decision to cut corners can have deadly consequences. The criminal prosecutions we bring should stand as a stark reminder of the potential consequences of disregarding danger to one’s customers in the name of getting a shipment out on time — of sacrificing what is right for what is expedient.

To reinforce the point, the official noted that the government is willing to rely upon criminal laws that are not directly related to food manufacturing, such as those addressing obstruction of justice, and mail and wire fraud.

DOJ has conducted some noteworthy prosecutions in the last two years involving the sale of adulterated food.

  • In one case, the company entered a guilty plea to a misdemeanor violation of the federal Food, Drug, and Cosmetics Act in connection with the sale of a contaminated food product.  The company admitted that some of its employees were aware that the product could be contaminated.  The plea agreement required the company to pay millions of dollars in a criminal fine and forfeiture of assets.
  • In another case, two former company officials were tried and convicted on criminal charges related to the sale of a contaminated product.  The evidence presented at trial established that the defendants misled consumers about the contamination and then fabricated COAs accompanying various shipments.  When FDA officials visited the plant to investigate the outbreak, the defendants then gave misleading or untrue answers to their questions.  Those defendants are still awaiting sentencing.

Blue Bell has entered into voluntary agreements with several state agencies outlining corrective actions necessary to commence selling its ice cream products again, including engaging an expert to oversee sanitation efforts and instituting a “test and hold” procedure that requires it to obtain negative test results before distributing its product for sale.  While the FDA has approved of these agreements and is in discussions with Blue Bell concerning resuming sales of its product, the government has not yet indicated whether it will pursue criminal charges against that company for the three deaths and seven people that were hospitalized as a result of the listeria outbreak.

Regardless, the DOJ’s latest commentary is a striking reminder of the importance of a robust, well-enforced compliance program that addresses all applicable Federal and State rules and regulations.

In today’s competitive marketplace trade secrets are an organization’s most valuable asset.  The only way to ensure protection of a trade secret is to keep the information confidential.  Are you taking adequate measures to protect your company’s assets?

  • Who has access to the company’s most important trade secret information, and how is it currently protected?
  • Is this information marked confidential and maintained in a restricted manner?
  • Are company employees aware of their obligations to maintain the secrecy of this information?
  • How would an employee know how to report suspicious activity involving trade secret theft?

The first step in protecting trade secrets is ensure they are properly identified.  In doing so, manufacturing companies can then develop and implement policies and procedures that are appropriate to protect the nature and value of such confidential information.  Manufacturers may wish to consider undertaking an audit of its trade secret and proprietary information periodically, especially as a company develops new products and expands into new markets.

A second important step in protecting proprietary and trade secret information is to identify where such information is stored and located.  Once identified, limit all access.  For example, this may include restricting access to the company’s premises, including manufacturing materials, processes, files, computers, etc.  Security for the facility and company property is also essential.

Only employees who require such information to perform their jobs – on a need to know basis – should have access to proprietary information.  Then before access to the trade secret and proprietary information is permitted to anyone – employees, vendors, consultants, etc. – manufacturers may wish to consider entering into confidentiality agreements with those who will be granted access to this information so that these individuals clearly understand the conditions to be granted access.  Once these individuals are no longer affiliated with the company, exit interviews may be necessary to ensure that all relevant information is properly returned and the individuals understand their continuing obligation to maintain confidentiality.  

Obviously, the amount of time and money devoted to the protection of certain information depends on the value of such trade secrets and proprietary information. Protection strategies cannot follow a one-size-fits-all approach and must be tailored to the type of information being protected.

On June 6, 2025, President Donald Trump signed two executive orders aimed at significantly reshaping the future of drone policy in the United States. One focuses on protecting national airspace from malicious drone threats, while the other seeks to supercharge the U.S. drone industry at home and abroad.

Together, these orders paint a clear picture of a dual strategy: tighten security while boosting innovation. Here’s a breakdown, without the legal jargon, of what these two executive orders mean and why they matter.

Restoring American Airspace Sovereignty: Cracking Down on Dangerous Drone Use

This executive order is all about defending U.S. airspace from threats posed by drones—especially when used by hostile actors.

The order warns that while drones can offer many benefits, bad actors have increasingly weaponized them, raising serious national security and public safety concerns. From hovering over stadiums and critical infrastructure to spying on sensitive government sites, drones have become a tool for potential harm.

The key actions in the executive order:

  • New Task Force: A special interagency task force will review the United States’ current drone policies and tech capabilities and propose solutions to improve drone defense.
  • Federal Aviation Administration (FAA) Rulemaking: The FAA will write new rules to restrict drone flights over “fixed site facilities”— think power plants, military bases, or large venues.
  • Better Geofencing Tools: FAA notices and airspace restrictions will be made available in a more open, digital-friendly format so drone systems can automatically avoid no-fly zones.
  • Law Enforcement Mandate: The Attorney General must step up enforcement of laws against reckless or criminal drone use.
  • Expanded Detection Powers: Agencies are directed to use all tools available to detect, track, and identify drones and their signals.
  • Counter-Drone Coordination: The Attorney General and Homeland Security Secretary will explore embedding drone defense into Joint Terrorism Task Forces, especially around mass gathering events like sports games, concerts, or political rallies.

This is a crackdown on dangerous or unlawful drone activity. It could lead to more enforcement, stricter no-fly zones, and tighter coordination across federal and local agencies to stop drone threats before they escalate.

Unleashing Drone Dominance: Promoting U.S. Drone Innovation and Exports

The second order flips the script. While the first one cracks down, this one opens up new doors for U.S.-made drone technology to thrive.

President Trump argues that drones are not just flying gadgets, they’re a key part of the future economy. They can improve productivity, create high-skilled jobs, and modernize transportation and logistics. To stay competitive globally, the United States must scale production, expand exports, and support homegrown innovation.

The key actions in the executive order:

  • Beyond Visual Line of Sight (BVLOS) Rules: The FAA will issue new regulations to allow drones to fly beyond the pilot’s line of sight, critical for delivery services, search and rescue, and more.
  • AI-Powered Waiver Reviews: The government will start using artificial intelligence tools to speed up the approval of drone waiver applications, cutting red tape.
  • Easing International Flight Restrictions: U.S.-based drone flights that begin and end domestically (or from U.S.-owned platforms) will no longer face manned aircraft-style rules under international law.
  • National Integration Roadmap: A new plan will guide how drones are fully integrated into U.S. airspace—from small consumer drones to delivery fleets.
  • Test Range Expansion: FAA test sites will be used more aggressively to develop and scale up next-gen drone tech.
  • Electric Vertical Take-Off and Landing (eVTOL) Pilot Program: The government will launch a program to accelerate the rollout of eVTOL aircraft (think flying taxis).
  • Supply Chain Protections: A “Covered Foreign Entity List” will identify risky suppliers, and new measures will be taken to protect the U.S. drone supply chain from foreign control or espionage.
  • Export Boost: Export control rules will be revised to make it easier to sell U.S.-made drones abroad, as long as they’re not going to adversaries.
  • Military Access to Drones: The Department of Defense will take steps to improve service members’ access to drones, possibly for training or battlefield use.

This order lays the groundwork for a full-scale push to grow the domestic drone economy, loosening rules, accelerating innovation, and taking aim at global drone markets.

Taken together, these two executive orders represent a new drone doctrine: protect U.S. skies and dominate the drone market.

  • For drone operators and manufacturers, the message is mixed but clear: follow the rules, especially around security, and the government will support your growth.
  • For regulators and law enforcement, the orders add urgency to modernizing systems, cracking down on threats, and speeding up approvals.
  • For the drone industry, it could mean faster innovation, broader markets, and a bigger push to bring manufacturing back home.

Whether you’re flying drones, building them, regulating them, or just watching from the ground, 2025 may be a defining year for how the United States handles the skies.

This post was co-authored by Data Privacy + Cybersecurity Team partner Kathryn M. Rattigan and Government Enforcement + White-Collar Defense partner David E. Carney. The post is also being shared on our Data Privacy + Cybersecurity Insider blog. If you’re interested in getting updates on developments affecting data privacy and security, we invite you to subscribe to the blog.