Search sec

This week we are pleased to have a guest post from Edward Heath and Kevin Daly.  Attorneys Heath and Daly are members of Robinson & Cole’s Manufacturing Industry Group and regularly counsel clients on anti-corruption compliance.

A Brief Overview of the FCPA

The Foreign Corrupt Practices Act (FCPA) is a federal statute that prohibits United States companies and individuals from bribing foreign government officials in order to gain or retain business.  It is a major civil and criminal enforcement priority for the federal government.  Each year, the aggregate amount of penalties paid under the FCPA totals hundreds of millions of dollars.

Although it is well known that the FCPA applies to U.S. companies and U.S. individuals (e.g., U.S. citizens and residents) there is a common misconception that its reach ends at our borders.  However, there are some circumstances where the FCPA can reach individuals outside of the U.S.  Foreign persons who act as the agents, employees, officers, directors or shareholders of U.S. companies can be held liable under the FCPA.  Foreign persons who commit an FCPA violation while in the U.S. are also covered.

Recent Court Decision Addresses Geographic Reach 

The United States Court of Appeals for the Second Circuit’s recently issued a decision affirming this point.  United States v. Hoskins arose out of an alleged bribery scheme involving Alstom, S.A. (“Alstom”), a global company based in France that operates in the power and transportation industries.  Specifically, the government claims that Alstom and several of its subsidiaries (including UK-based and U.S.-based subsidiaries) bribed Indonesian government officials in order to obtain a $118 million power contract from the Indonesian government.  The government contends that Mr. Hoskins, while working in France for Alstom’s U.K. subsidiary, was one of the people responsible for approving and authorizing the alleged bribes.  Although parts of the alleged scheme occurred within the U.S. (e.g., payments were made from U.S. bank accounts), and some co-conspirators were based in the U.S., Mr. Hoskins never traveled to the U.S., never was employed by Alstom’s U.S. subsidiary, and is not a U.S. citizen or resident.

The government charged Mr. Hoskins with violating the FCPA, alleging that he conspired and aided and abetted in FCPA violations committed by others.  The Second Circuit, however, rejected the government’s theories.  The court held that Congress set the limits on the geographic reach of the FCPA in the statute, and that the scope cannot be expanded  through accomplice or conspiracy liability theories to reach persons, like Mr. Hoskins, who are beyond the geographic reach of the statute.

Nonetheless, the court held that he can be tried on the theory that he acted as an agent for Alstom’s U.S. subsidiary.  Agents of U.S. companies are explicitly covered by the FCPA, regardless of whether they are U.S. citizens or residents.  To convict on such a theory, the government would be required to prove that that Hoskins was an agent of Alstom’s U.S. subsidiary.

While Hoskins is only binding within the Second Circuit (Connecticut, New York, and Vermont), and the government is evaluating further appellate options, it poses an obstacle to government efforts to expand FCPA liability beyond the specific categories of foreign persons enumerated in the statute.

 

Inogen, which manufactures portable oxygen devices, has alerted the Securities and Exchange Commission in a recent filing that it is notifying 30,000 individuals that their personal information was compromised when a hacker gained access to one of its employees’ email accounts through a phishing scheme. Continue Reading Manufacturing Sector Getting Hit with Cyber-Attacks: Portable Oxygen Device Manufacturer Notifies 30,000 Patients of Breach

The 2016 Manufacturing Report by Sikich finds that there has been a progressive growth in cyber-attacks in the manufacturing sector. This is consistent with the most recent IBM /X-Force Research 2016 Cyber Security Intelligence Index, which  notes that the manufacturing industry represents the second most attacked industry, just behind health care.

Manufacturing companies often don’t believe that they are targets since they do not hold vast amounts of consumer data. Therefore, they do not concentrate on cybersecurity and remain vulnerable. These two reports show that the risk of a cyber-attack is high and real to the manufacturing sector.

According to the Sikich report, the risks to the manufacturing sector include:

  • Operational downtime
  • Physical damage
  • Product manipulation
  • Theft of intellectual property and sensitive data

 These reports are a dose of reality to the manufacturing sector that it is under attack, and the threats and risks of cyber intrusions are real and are not dissipating. Addressing these risks and the potential devastating consequences are critical for any company in the manufacturing sector.

This post was authored by Linn Foster Freedman and is also being shared on our Data Privacy +Security Insider blog. If you’re interested in getting updates on developments affecting data privacy and security, we invite you to subscribe to the blog.

Last month, we posted about the United States Senate’s passage of the Defend Trade Secrets Act of 2016.  Breaking news:  It passed.  Thanks to members of our Labor & Employment (Ian Clarke-Fisher) and Intellectual Property Litigation groups (Jim Nault) for this guest post.

On May 11, 2016, President Barack Obama signed the Defend Trade Secrets Act of 2016 (the “DTSA”), providing a federal civil cause of action for the misappropriation of trade secrets under the Economic Espionage Act.  Both the Senate and House of Representatives passed the DTSA with near unanimous support in April.  A link to the DTSA can be found here.

Moving forward, the DTSA appears to provide manufacturers with a new avenue to address a wide range of trade secret issues.  In addition, in light of the notice requirement contained in the DTSA, employers should review their confidentiality agreements, provisions, and policies to determine how best to navigate the new law.

For companies with trade secrets “related to a product or service used in, or intended for use in, interstate or foreign commerce,” the DTSA provides the following important provisions, among others:

·        Federal Civil Action.  The DTSA creates a federal civil cause of action, giving original jurisdiction to  United States District Courts.  This will allow companies to decide whether to bring claims in federal or state courts, and may have the net effect of moving most trade secret litigation to federal courts.  Such a move will invariably include federal supplemental jurisdiction for claims for breach of contract, related common law claims, and state statutory claims.  Importantly, similar to federal employment laws, the DTSA does not supersede state trade secret laws.

·        Seizure of Property.  The DTSA includes a provision that permits the Court to issue an order, upon ex parte application in “extraordinary circumstances,” seizing property to protect against to improper dissemination of trade secrets.  Interestingly, the DTSA permits such an order only if the moving party has not publicized the requested seizure.  If granted, the Court is required to schedule a seizure hearing and the moving party will be required to provide security in an amount to be determined by the Court for the payment of any possible damages suffered as the result of a wrongful or excessive seizure.

·        Damages and Attorney’s Fees.  In addition to the seizure of property and injunctive relief, the DTSA permits for the recovery of damages for actual losses and unjust enrichment, and allows for exemplary (double) damages trade secrets that are “willfully or maliciously misappropriated.”  The DTSA also provides for the recovery of reasonable attorney’s fees in limited instances, including if the Court determines that the claims of misappropriation were brought in bad faith.

·        Whistleblower Protections and Notice Requirement.  The DTSA further includes civil and criminal immunity under federal and state trade secret laws for any disclosures made to a governmental agency for the purpose of reporting or investigating a legal violation or filed in a lawsuit, if such filing is made under seal.  Furthermore, and having likely broader application, the DTSA requires that an employer provide notice of these protections in any employment agreement governing confidential information or provide a cross-referenced policy document setting forth the employer’s reporting policy.  Failure to comply with the notice requirement prohibits the recovery for exemplary damages and attorney’s fees under the DTSA.

We welcome a guest post this week from Nuala Droney and James Nault, who are members of Robinson + Cole’s Intellectual Property Litigation Practice Team.

This week, the United States Senate passed the Defend Trade Secrets Act of 2016, which, if passed by the House and signed into law by President Obama, would give trade secret owners, including manufacturers, a federal private right of action for theft of trade secrets for the first time.  The law provides for the award of damages for trade secret theft as well as injunctive relief.  It even includes a provision allowing a court to grant ex parte expedited relief to trade secret owners under extraordinary circumstances to preserve evidence or prevent dissemination of the trade secret.  The ex parte provision, as DuPont’s Chief Intellectual Property Counsel put it in a Senate hearing, “enables a trade secret owner under limited, controlled conditions, to proactively contain a theft before it progresses and the trade secret is lost.”

Trade secrets are a form of intellectual property that are of increasing importance to many manufacturers for a variety of reasons.  A trade secret can be any information that is (i) valuable to a company, (ii) not generally known, and (iii) not readily ascertainable through lawful means, as long as the trade secret holder has taken reasonable precautions to protect it.  A classic example of a trade secret is the formula for Coca-Cola.  A more recent example is DuPont’s innovative Kevlar product, which was the subject of a large scale trade secret theft in 2006.  Trade secret theft is a huge problem; a recent Pricewaterhouse-Coopers study showed that trade secret theft costs American businesses $480 billion a year.

To sue someone for trade secret theft, a trade secret owner must prove that (i) the information stolen qualifies for  trade secret protection (i.e. it meets the above definition), (ii) the trade secret owner took reasonable precautions to protect the information, and (iii) the alleged thief misappropriated the trade secret, i.e. took it unlawfully, or as one legal textbook puts it, “through deception, skullduggery, or outright theft.”  Robert P. Merges, Peter S. Menell, and Mark A. Lemley, Intellectual Property in the New Technological Age, Revised Fourth Edition 2007.  And while there are federal claims for the theft of other forms of intellectual property, such as claims for patent or copyright infringement, traditionally trade secret theft has been the exclusive domain of state law.  This is despite the fact that interstate or international trade secret theft has been a federal crime since 1996.  If it becomes law, the Defend Trade Secrets Act of 2016, would give manufacturers a direct route to federal court to defend their trade secrets.

 

Many manufacturers have found themselves in the position of negotiating an order with an environmental agency over environmental conditions at a site. Oftentimes, these orders are the result of extensive negotiations, and they set the regulated entity on a long and detailed path of investigation and/or remediation. The environmental agency issuing the order often wants assurances from the regulated entity that it will complete the work and be able to pay for it. But what assurances does the regulated community get from the environmental agency that the work conducted will be sufficient?

A recent Connecticut case demonstrates the lack of security provided by government orders, perhaps to a greater degree than previously thought. The facts of Commissioner v. BIC Corporation detail a scenario where an environmental agency – the Connecticut Department of Energy and Environmental Protection (“DEEP”) – revoked a consent order a decade after its issuance.

DEEP issued a consent order to BIC Corporation (“BIC”) in 2003, which was modified in 2004, for the investigation of certain properties. Over the course of the next decade, BIC installed 30 groundwater wells and analyzed 786 soil samples as part of the investigation. BIC submitted numerous reports to DEEP detailing the investigation, all of which were approved.

In 2011, DEEP obtained notes from interviews with past BIC employees and, on the basis of those notes, revoked its prior approvals of the reports submitted by BIC. DEEP requested that BIC conduct additional studies and, when BIC refused, DEEP filed a lawsuit alleging that BIC failed to comply with the order. BIC counterclaimed against DEEP, alleging that DEEP breached the order.

Three years after filing its suit, DEEP revoked the order and withdrew its complaint against BIC, denying BIC the opportunity to demonstrate to the court that it complied with the order. The court dismissed the action for lack of jurisdiction, leaving BIC to deal with DEEP on an administrative level. While the court determined it did not have jurisdiction over BIC’s counterclaim, it did have some cautionary words for DEEP, stating:

One wonders whether the commissioner’s tactics may have the undesired and surely unintended consequence of precluding resolution of other cases in the future.

While the DEEP has the power to revoke an order, the facts in Commissioner v. BIC Corporation leave a regulated entity with little certainty that its hard work to investigate a site – with input and approvals from an environmental agency – will result in any sort of certainty or finality. When an entity commits to investigate the environmental conditions at a site under an order, it is making a commitment of time and money to do so. This recent case law may leave the regulated community questioning whether such a commitment is prudent.

With the new year comes a new focus on increasing criminal prosecutions against employers for worker safety violations.  In the end of December, the Department of Justice (“DOJ”) and the Department of Labor (“DOL”) announced a plan to deter workplace safety violations through more stringent criminal prosecution.  Under the new plan, the DOJ will work with the Occupational Safety and Health Administration (“OSHA”), the Mine Safety and Health Administration (“MSHA”), and the Wage and Hour Division (“WHD”) to prosecute worker endangerment violations.

Criminal penalties under the Occupational Safety and Health Act (“OSH Act”) are fairly limited, with imprisonment capped at 6 months and fines capped at $10,000.  As part of the new plan, DOJ is encouraging all United States Attorneys to charge employers for other violations that occur in connection with OSH Act violations, such as obstruction of justice, making false statements, witness tampering, and conspiracy.  United States Attorneys are also encouraged to consider environmental crimes, which often occur in concurrence with worker safety violations.  These offenses carry more significant periods of incarceration and fines.

Assistant Attorney General John C. Cruden for DOJ’s Environment and Natural Resources Division said:

We have seen that employers who are willing to cut corners on worker safety laws to maximize production and profit, will also turn a blind eye to environmental laws.  Working with our partners in the Department of Labor and law enforcement, we will remove the profit from these crimes by vigorously prosecuting employers who break safety and environmental laws at the expense of American workers.

Many environmental laws contain broad requirements that can easily be tacked on to a case involving worker safety.  For example, the Clean Air Act’s General Duty Clause requires owners and operators of stationary sources to identify hazards that may result from releases of extremely hazardous substances, design and maintain a safe facility taking necessary steps to prevent releases, and minimize the consequences of releases when they do occur.  This general duty is extremely broad, particularly given the fact that “extremely hazardous substances” is not defined.

United States Attorneys will have a designated Criminal Coordinator from the DOL.  United States Attorneys are encouraged to work with this Criminal Coordinator “to increase the frequency and effectiveness of criminal prosecutions of worker safety violations . . . .”

Given the broad scope of environmental laws, identifying ancillary violations to bolster worker safety violations may not be that difficult.  In addition, DOJ has trained OSHA inspectors to recognize other criminal violations.  Given DOJ and DOL’s recently announced focus on increasing criminal penalties, employers should be aware of all possible violations that could be used to bolster worker safety violations.

The post below is a follow-up to an earlier post written by my colleagues, Edward Heath and Kate Dion. Edward is my partner and is Chair of Robinson + Cole’s White-Collar Defense and Corporate Compliance Practice. Kate is a litigation associate who routinely handles government and internal investigations for manufacturing clients.

In the wake of reports about the government’s investigation of Blue Bell Creameries, the United States Department of Justice has issued an ominous warning to food companies: compliance failures will be aggressively prosecuted.

Last week, the third highest-ranking DOJ official announced that food safety investigations and prosecutions are a priority for the agency.  Noting that both companies and individual employees are subject to prosecution, the DOJ official directed his comments to senior management: “It is easy to think — that could never happen at my company. It is easy to think — that could never be me.”

He then added:

Even a single decision to cut corners can have deadly consequences. The criminal prosecutions we bring should stand as a stark reminder of the potential consequences of disregarding danger to one’s customers in the name of getting a shipment out on time — of sacrificing what is right for what is expedient.

To reinforce the point, the official noted that the government is willing to rely upon criminal laws that are not directly related to food manufacturing, such as those addressing obstruction of justice, and mail and wire fraud.

DOJ has conducted some noteworthy prosecutions in the last two years involving the sale of adulterated food.

  • In one case, the company entered a guilty plea to a misdemeanor violation of the federal Food, Drug, and Cosmetics Act in connection with the sale of a contaminated food product.  The company admitted that some of its employees were aware that the product could be contaminated.  The plea agreement required the company to pay millions of dollars in a criminal fine and forfeiture of assets.
  • In another case, two former company officials were tried and convicted on criminal charges related to the sale of a contaminated product.  The evidence presented at trial established that the defendants misled consumers about the contamination and then fabricated COAs accompanying various shipments.  When FDA officials visited the plant to investigate the outbreak, the defendants then gave misleading or untrue answers to their questions.  Those defendants are still awaiting sentencing.

Blue Bell has entered into voluntary agreements with several state agencies outlining corrective actions necessary to commence selling its ice cream products again, including engaging an expert to oversee sanitation efforts and instituting a “test and hold” procedure that requires it to obtain negative test results before distributing its product for sale.  While the FDA has approved of these agreements and is in discussions with Blue Bell concerning resuming sales of its product, the government has not yet indicated whether it will pursue criminal charges against that company for the three deaths and seven people that were hospitalized as a result of the listeria outbreak.

Regardless, the DOJ’s latest commentary is a striking reminder of the importance of a robust, well-enforced compliance program that addresses all applicable Federal and State rules and regulations.

In today’s competitive marketplace trade secrets are an organization’s most valuable asset.  The only way to ensure protection of a trade secret is to keep the information confidential.  Are you taking adequate measures to protect your company’s assets?

  • Who has access to the company’s most important trade secret information, and how is it currently protected?
  • Is this information marked confidential and maintained in a restricted manner?
  • Are company employees aware of their obligations to maintain the secrecy of this information?
  • How would an employee know how to report suspicious activity involving trade secret theft?

The first step in protecting trade secrets is ensure they are properly identified.  In doing so, manufacturing companies can then develop and implement policies and procedures that are appropriate to protect the nature and value of such confidential information.  Manufacturers may wish to consider undertaking an audit of its trade secret and proprietary information periodically, especially as a company develops new products and expands into new markets.

A second important step in protecting proprietary and trade secret information is to identify where such information is stored and located.  Once identified, limit all access.  For example, this may include restricting access to the company’s premises, including manufacturing materials, processes, files, computers, etc.  Security for the facility and company property is also essential.

Only employees who require such information to perform their jobs – on a need to know basis – should have access to proprietary information.  Then before access to the trade secret and proprietary information is permitted to anyone – employees, vendors, consultants, etc. – manufacturers may wish to consider entering into confidentiality agreements with those who will be granted access to this information so that these individuals clearly understand the conditions to be granted access.  Once these individuals are no longer affiliated with the company, exit interviews may be necessary to ensure that all relevant information is properly returned and the individuals understand their continuing obligation to maintain confidentiality.  

Obviously, the amount of time and money devoted to the protection of certain information depends on the value of such trade secrets and proprietary information. Protection strategies cannot follow a one-size-fits-all approach and must be tailored to the type of information being protected.

Welcome to the last of our three posts with our look ahead to 2026—the environmental edition. If you follow this blog, you have probably sensed a trend: environmental regulation rarely moves in a straight line. This coming year will be no different. Below is a more detailed look at three areas we will be watching this year.

1. PFAS Reporting and Liability

Manufacturers will be spending more time thinking about PFAS in 2026. We have been talking about the Toxic Substances Control Act (TSCA) PFAS reporting rule for years, and it is expected to become final early in 2026. As we previously reported, this rule will require manufacturers to report certain information on PFAS-containing articles going back as far as 2011. The EPA proposed some important changes to the rule at the end of 2025, including exemptions for de minimis concentrations, imported articles and chemicals used in research and development. Once the TSCA rule is finalized, it will require manufacturers to report extensive information about PFAS uses, production volumes, byproducts, exposures, and disposal.

In addition to the federal reporting requirement, states are getting in on the action. If your products travel into Minnesota, Minnesota’s sweeping PFAS‑in‑products statute (Amara’s Law) will require you to report products with intentionally added PFAS. By July 1, 2026, manufacturers will be required to disclose product‑specific PFAS details, including the type and amount of the PFAS in the product as well as its purpose or function.

These federal and state reporting obligations create challenges for manufacturers to dive deep into their supply chains in an attempt to gather the required information. For sectors using PFAS indirectly—such as coatings, plastics, electronics, and molded components—the data‑gathering burden may be significant.

In addition to reporting obligations, investigation and remedial obligations related to PFAS are on the rise. The EPA plans to maintain CERCLA hazardous‑substance designations for PFOA and PFOS, signaling continued expansion of PFAS‑related cost recovery and cleanup obligations. That means manufacturers with current or historical PFAS use—or who acquired property with legacy PFAS contamination—will likely face increased risk of enforcement actions or third‑party claims.

2. Water Law Uncertainty: WOTUS and NPDES Permitting Changes

Water regulation remains a challenge for many manufacturers, and 2026 won’t offer much relief. As my colleagues have previously explained, the continued regulatory back‑and‑forth regarding the definition of Waters of the United States (WOTUS) under the Clean Water Act has left manufacturers guessing as to the activities that will trigger Clean Water Act jurisdiction. This matters because facility expansions, stormwater projects, and wetlands issues all hinge on these key jurisdictional determinations.

At the same time, both EPA and states are tightening oversight of NPDES permitting for indirect discharges. Manufacturers whose wastewater enters complex conveyance systems, such as municipal treatment systems, may face additional pretreatment, sampling, monitoring, and recordkeeping obligations as regulators try to close gaps in indirect discharge oversight. Spoiler alert—PFAS are emerging in this context, too.

3. The Patchwork of State Extended Producer Responsibility (EPR) Laws

For manufacturers selling their products into multiple states, the growing patchwork of packaging EPR laws is quickly becoming a compliance challenge. A number of states, including Colorado, California, and Minnesota, now have packaging EPR programs, each with different definitions of producer, different covered packaging materials, and different registration and reporting deadlines. And many states, including Massachusetts, New Jersey, and New York, are poised to follow.

The variability in these laws makes it difficult for manufacturers looking to develop a one-size-fits-all approach. Manufacturers should stay on top of these laws and their requirements in an attempt to develop as streamlined a strategy as possible for compliance.