Message from the Editor:
Welcome to another edition of ‘Inside Background Screening’ our new newsletter. Our goal is to bring to you cutting edge news and information about what is happening in the background screening world to help keep you informed and to position you to make the best possible hiring decisions.
We hope you enjoy ‘Inside Background Screening’ and that you will share your interest and thoughts with us.
Lorenzo Pugliano
CEO
Lpugliano@nsshire.com
EMPLOYMENT SCREENING NEWS
HR Quick Take: Ban the Box
Even though the Iowa Supreme Court struck down Waterloo’s original broad Ban the Box requirement in Iowa, there was a specific focus on the timing of inquiring about criminal history. Waterloo could require that criminal history information would only be obtained after a conditional job offer had been made. Iowa currently has no comprehensive Ban the Box law.
BIOMETRICS NEWS
The Clear and Present Danger of Not Complying with Biometric Privacy Laws
As a result of the enactment of the Illinois Biometric Information Privacy Act (BIPA), more than 1,000 lawsuits were filed in the state from mid-2017 to the end of 2021, all claiming violations of the BIPA. The state’s data privacy law is the most stringent biometric protection law in the country, but 10 other states have enacted similar laws. An additional 24 states and the federal government are considering legislation that provides some level of protection for personal data.
Recent BIPA Opinion May Have Significant Implications on the Scope of Section 15(b) Claims Moving Forward
A California federal court recently issued a notable Illinois Biometric Information Privacy Act (BIPA) opinion in Zellmer v. Facebook, Inc., which could have significant implications for third-party biometric technology providers. In the case, Zellmer filed suit against Facebook in 2018 for alleged violations of BIPA’s notice and consent requirements in connection with the company’s photo “tagging” feature. The court sided with Facebook at summary judgment, noting that it would be patently unreasonable to construe BIPA to mean that the company was required to provide notice to, and obtain consent from, non-ushers who were total strangers to the company.
DRUG SCREENING ISSUES
Don’t Fire Me! I’m Drug Free! It Was CBD! Indiana Court Examines Termination for Use of Hemp Oil
A federal district court in Indiana ruled that no federal legal protection exists for the employee’s use of CBD oil in Rocchio v. E&B Paving, LLC [YA1] [MS2]. When John Rocchio, an employee of E&B, tested positive for marijuana metabolites in his system, his employment was terminated due to a zero-tolerance policy. Although the employee argued that he did not use marijuana, it was his use of CBD oil that led to the positive test results. He filed a lawsuit claiming that E&B violated the ADA by terminating him and not rehiring him. The court found no ADA violation and granted the employer’s summary judgment.
Marijuana Laws and the 2022 Workplace
With more and more states continuing to legalize cannabis for both medicinal and recreational use, employers should consider making decisions as to whether they will be guided by federal law, says Catharine Morisset, an attorney with Fisher Phillips. In some of the states that were the first to legalize recreational cannabis use, like Colorado and California, there are few job protections for off-duty use, but newer versions of the laws offer more job protections. Some offer protection for registered medical marijuana patients, but not recreational users, but others, like New Jersey and New York, provide employment protections for both. Marijuana is still listed as a Schedule 1 drug under the Controlled Substances Act and efforts to reform the law have stalled in Congress.
To Test or Not to Test: Considerations for Employers Pondering the Future of Their Cannabis Testing Practices
The rapidly evolving legal landscape surrounding marijuana laws continues to present new challenges for employers, especially those who cover multiple states. Employers need to find ways to balance complying with conflicting federal, state, and local laws; maintaining a safe work environment; protecting applicants’ and employees’ privacy and other legal rights; and attracting and retaining quality talent. Some issues employers and their stakeholders should consider involve how to make sense of a positive test result; requirements to test for cannabis, such as for transportation industry and federal contractors; safety-sensitive positions; accommodating medical cannabis use; and job market considerations.
Workforce Drug Test Positivity Climbs to Highest Level in Two Decades
Positivity rates for marijuana in the general workforce have continued to climb, increasing 8.3% for the highest positivity rate ever reported, based on more than 6 million urine tests. Over the last five years, the positivity rate has increased 50 percent. For oral fluid tests, that increase was 20.3 percent in a year and 68.2 percent over five years. Similar increases have been noted for cocaine and methamphetamine, as well.
Federal Court Dismisses Disability Discrimination Suit Based on Employee’s CBD Use
A federal court in Indiana dismissed an employee’s lawsuit after he tested positive for marijuana due to CBD use and claimed that his termination violated the Americans with Disabilities Act (ADA). Rocchio of Rocchio v. E&B Paving, LLC, and Int’l Union of Operating Engineering Local 103, an engineer, tested positive for marijuana following a random drug test. His employment was terminated in accordance with the Company’s policy. The court disagreed with Rocchio’s argument that the employer violated the ADA when it took an adverse employment action against him, claiming the positive result was because of his use of CBD oil.
LEGAL ISSUES
New York City’s New Law Regulating the Use of Artificial Intelligence in Employment Decisions
A bill was passed by the New York City Council in 2021 that regulates employers and employment agencies’ use of “automated employment decision tools” on candidates and employees residing in New York City and prohibits an employer or employment agency from using an automated employment decision tool in making an employment decision unless certain requirements are met. In addition, the new law also requires employers and employment agencies to satisfy two notice requirements.
Eighth Circuit Holds Article III Standing Was Lacking for An Alleged Violation of the FCRA’s “Pre-Adverse Action” Notice Provision
In early April, the U.S. Court of Appeals for the Eighth Circuit joined the Ninth Circuit in holding that a plaintiff lacked Article III standing to prosecute statutory claims under the Fair Credit Reporting Act (FCRA) in federal court. The U.S. Supreme Court has given new life to the concept of “Article III” standing in both Spokeo v Robins and Ramirez v Trans Union. The Eighth Circuit applied the same precedent to FCRA claims against an employer in Schumacher v. SC Data, Inc., finding for the employer in this case, but the Third Circuit reached the opposite conclusion regarding a pre-adverse action claim.
Arizona Strengthens Background Check Requirements for Nursing Home and Skilled Nursing Facility Employees
Nineteen bills were signed into law in Arizona, including Senate Bill (SB) 1242, which strengthens employee background checks most notably for nursing home and assisted living facility employers. Specifically, the bill enhances the process for employees to become licensed through the Arizona Board of Examiners of Nursing Care Institution Administrators and Assisted Facility Managers (NCIA). In addition to the state’s existing fingerprint clearance requirements, SB 1242 prohibits people with felony convictions involving “violence of financial fraud” from obtaining fingerprint clearance and becoming licensed to work in nursing homes or assisted living facilities and also states that the NCIA Board “shall require each applicant for initial certification to submit a full set of fingerprints to the Board.”
New Opinion Allowing Plaintiff to Present His Class Action Willful FCRA Claims to a Jury Reinforces Need to Remain Vigilant About FCRA Compliance
A California court of appeal has issued a new opinion in Hebert v. Barnes & Noble, reversing summary judgment for the employer. The plaintiff in the case alleges that the defendant failed to provide him with a “stand-alone” disclosure when it included a footnote considered to be impermissible “extraneous” information that cannot be included in a Fair Credit Reporting Act (FCRA) disclosure. The defendant claimed its inclusion was an oversight that occurred when the disclosure was being updated. The claims will be presented to a jury for a decision on the alleged “willful” FCRA violation.
California FEHC Proposes Sweeping Regulations Regarding Use of Artificial Intelligence and Machine Learning in Connection with Employment Decision-Making
The California Fair Employment and Housing Council (FEHC) published Draft Modifications to Employment Regulations Regarding Automated-Decision Systems, incorporating the use of “automated-decision systems” in existing rules regulating employment and hiring practices in California. The draft regulations seek to make it unlawful to use automated -decision systems that “screen out or tend to screen out” applicants or employees on the basis of a protected characteristic, unless shown to be job-related and consistent with business necessity. Included is also significant and burdensome recordkeeping requirements.
DATA PROTECTION & PRIVACY STATUS
Amendments to the Virginia Consumer Data Privacy Act Pass Legislature
The Virginia Consumer Data Privacy Act (CDPA), set to go into effect on Jan. 1, 2023, could be amended soon. Four amendments passed by the Virginia House and Senate address how businesses can process deletion requests and reshape the scope of the law’s non-profit exemption. Specifically, the amendments aim to expand non-profits, make it easier for controllers that obtain consumer personal data from other sources to comply with the consumer’s right to delete, and eliminate the Consumer Privacy Fund.
Colorado AG Issues Guidance on Data Security Best Practices
In the state of Colorado, businesses must take reasonable steps to protect consumer data under the Colorado Consumer Protection Act and the Colorado Privacy Act (CPA). The state’s attorney general released guidance that outlines best practices for safeguarding data. The guidance advises entities to adopt the following nine practices: 1. Inventory types of data collected and establish systems to store and manage data, 2. Develop a written information security policy, 3. Adopt a written data incident response plan, 4. Manage vendors’ security, 5. Train employees to prevent and respond to cybersecurity incidents, 6. Follow the Department of Law’s ransomware guidance, 7. Notify affected individuals and the AG of a breach, 8. Protect individuals affected by a data breach from identity theft and harm, and 9. Review and update security policies regularly.
How the Utah Consumer Privacy Act Stacks Up Against Other State Privacy Laws
The Utah Consumer Privacy Act (UCPA) is similar to the Virginia Consumer Data Protection Act (VCDPA) and Colorado Privacy Act (CPA) and borrows from the CCPA. Significant changes to these laws, however, exist pertaining to applicability, exemptions, sales and targeted advertising opt-out rights, opt-out consent to process most sensitive data, other consumer rights, and enforcement and regulation.
Proposed State Privacy Law Update: April 11, 2022
There have been several changes across the country regarding privacy laws, including a new law introduced in Louisiana. A Connecticut bill was referred to the Joint Judiciary Committee and Maryland’s SB 11 received an unfavorable report from the House Economic Matters Committee. In Georgia, legislature closed without passing SB 394. In addition, numerous hearings were scheduled for this month and CCPA-Like privacy bills were in various stages across the country. Several states, including California, Kentucky, Maine, Maryland, Massachusetts, Missouri, New York and West Virginia are considering BIPA-like biometric information privacy bills and two states – Delaware and Massachusetts – are considering bills to regulate data brokers.