Legal Issues

 

 

https://sm.asisonline.org/Pages/June-2018-Legal-Report.aspxJune 2018 Legal ReportGP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a43444652018-06-01T04:00:00Zhttps://adminsm.asisonline.org/pages/megan-gates.aspx, Megan Gates<h4><strong>​Judicial Decisions</strong></h4><p><strong>DISCIPLINE</strong>. The U.S. National Labor Relations Board (NLRB) upheld an employer's decision to discipline an employee, engaged in protected activity, who used a security passcode to allow nonemployees into a secure area.</p><p>Evan Demma, a server at the Atwood Café owned by KHRG and part of Hotel Burnham in Chicago, Illinois, attempted to organize the café and hotel's staff. As a member of UNITE HERE, Demma participated in dozens of union-organized demonstrations and protests outside the Atwood Café between 2014 and 2015. </p><p>In October 2015, Demma and roughly 100 other employees from various employers throughout Chicago participated in a union demonstration outside the hotel to make management aware of working conditions for housekeeping employees. </p><p>Once the demonstration began, Demma led a group of 20 people—six of whom were hotel employees—to deliver a petition to his general manager, </p><p>Tonya Scott. The group entered the hotel, where a security guard stopped them to say that only four employees could continue to the managers' offices.</p><p>"Although he was aware that nonemployees were in the delegation, Demma falsely replied that everyone in the delegation was an employee with the right to deliver the petition," according to court documents. "The security guard then allowed the entire delegation to pass."</p><p>The group had to pass through a secure area to enter the managers' offices. To do so, Demma entered a security passcode on a keypad. He then led the group to Scott's office—which was small, requiring some of the group to stand outside unattended, passing by several employees.</p><p>A restaurant manager later began an investigation into the petition delivery. At the same time, several employees emailed Demma and management to express their displeasure about nonemployees in the secured area of the hotel. The investigation resulted in a suspension for Demma, who was fired a week later for committing a "serious security breach."</p><p>UNITE HIRE filed a complaint with the NLRB, alleging that Demma's termination was a violation of the National Labor Relations Act (NLRA) because he was engaged in protected activity.</p><p>The NLRB, however, disagreed. In its opinion, the board said that while the delivery of the petition was protected concerted activity, Demma was discharged for lying and using a passcode to admit nonemployees into a secured area of the workplace.</p><p>"While the delegation's action was not disruptive, the dispositive point is that it advanced to the secure area only because Demma misrepresented to the security guard that the delegation consisted only of employees and the delegation was able to enter the secure area only because Demma used the passcode to provide the group unauthorized access," the board wrote.</p><p>These actions were "flagrant" violations of the hotel's security protocol, the board said, adding that the activity could not be dismissed as an impulsive act—which is protected under the NLRA—because Demma's actions were predetermined.</p><p>"Demma knew that there were nonemployee union representatives in his delegation and that, if he were to present the petition to Scott while she was in her office, he would have to breach the hotel's security protocol by improperly using the passcode to provide the nonemployee members of the delegation access to the secured area," the board explained. (KHRB and UNITE HERE, NLRB, No. 13-CA-162485, 2018)</p><p><strong>Discrimination. </strong>An IT staffing firm will pay $50,000 and make remedial measures to settle an age discrimination lawsuit brought by the U.S. Equal Employment Opportunity Commission (EEOC).</p><p>In its suit, the EEOC charged that Diverse Lynx violated the Age Discrimination in Employment Act when it told a job applicant he would no longer be considered for a position because he was "born in 1945" and "age will matter," according to a press release.</p><p>"A basic principle of anti-discrimination law requires that job applicants be judged on their individual qualifications," said EEOC Senior Trial Attorney Rosemary DiSavino in a statement. "Employers and employment agencies that consider an applicant's protected trait, such as age, violate federal law and will be prosecuted."</p><p>In addition to paying $50,000, Diverse Lynx is prohibited from considering an applicant's age when making hiring decisions and must provide its employees with live training that addresses U.S. federal anti-discrimination laws, as well as complaint and reporting procedures. Diverse Lynx also agreed that it will not retaliate against individuals who complain about discriminatory conduct. (EEOC v. Diverse Lynx, U.S. District Court for the District of New Jersey, No. 17-cv-03220, 2018)​</p><h4>Regulations</h4><p><strong>BORDER SECURITY. </strong>U.S. President Donald Trump authorized the U.S. National Guard to deploy to the U.S.-Mexico border to aid border patrol agents.</p><p>"America's Border Patrol agents work incredibly hard to do their jobs of enforcing our Nation's immigration laws and protecting our national security. These law enforcement personnel are tasked with securing thousands of miles of border…and often do not have the manpower or resources necessary to stem the tide of illegal immigration into the United States.</p><p>"Given the importance of secure borders to our national security, the National Guard, in coordination with governors, will remain in a support role until Congress takes the action necessary to close the loopholes undermining our border security efforts," the Trump administration said in a statement.</p><p><strong>SOCIAL MEDIA. </strong>The U.S. State Department issued a rule for public comment that would require all U.S. visa applicants to submit social media information.</p><p>The rule would require that applicants submit social media usernames, previous email addresses, and phone numbers for the past five years. It would change the previous practice that required only applicants subject to extra scrutiny to submit such information.</p><p>The public had until May 29, 2018, to submit its comments before the U.S. Office of Management and Budget makes a final determination on the rule.</p><h4>Legislation​</h4><p><strong>SCHOOLS. </strong>The U.S. House of Representatives passed legislation that would provide grant money for school safety measures.</p><p>The Students, Teachers, and Officers Preventing (STOP) School Violence Act (H.R. 4909) would authorize $750 million in U.S. federal funding for 10 years to train school personnel, students, and law enforcement to prevent student violence. </p><p>Grant money could also be used to develop anonymous reporting systems for threats, implement deterrent measures like metal detectors, or install technology for expedited notification of law enforcement during an emergency. The bill, however, prohibits funds from being used for firearms training.</p><p>The bill was sponsored by U.S. Representative John Rutherford (R-FL) and has 100 bipartisan cosponsors. </p><p>"I know from my time as sheriff that school and community safety requires a multi-layered approach," Rutherford said in a statement. "The STOP School Violence Act strengthens several vital layers of that security by giving students, teachers, and officers the resources and the training they need to identify warning signs and keep violence out of our schools and away from our children."</p><p>The bill now moves to the U.S. Senate Committee on the Judiciary for consideration.</p><p><strong>UTILITIES.</strong> A U.S. Senate committee approved a bill that would create a pilot program to explore protections for the U.S. electric grid. </p><p>The bill (S. 79) would instruct the U.S. Department of Energy's National Laboratories to study whether human-operated or analog systems would be more effective against cyberthreats to the electric grid. </p><p>The bill would also require the </p><p>department to create a working group to evaluate the National Laboratories technology solutions and create a strategy to isolate the electric grid from cyberattacks. The department would then submit a report to Congress assessing the program.</p><p>U.S. Senator Angus King, Jr., (I-ME) introduced the bill, which has four bipartisan cosponsors. It now moves to the Senate Committee on Energy and Natural Resources.  ​</p><h4>Other Legislation</h4><p><strong>Alabama.</strong></p><p><strong>NOTIFICATION</strong>. Alabama's Senate passed a bill that would set requirements for companies to notify individuals affected by data breaches.</p><p>S.B. 318 would require companies to notify any individuals who are affected by data breaches within 45 days of determining that a breach has occurred and if it is reasonably likely to cause substantial harm.</p><p>Companies that do not notify individuals would be subject to fines up to $5,000 per day, as issued by the state's attorney general's office.</p><p>The bill now heads to the Alabama House of Representatives. If enacted, Alabama will become the 49th U.S. state to enact a data breach notification requirement.</p><h4>​ </h4><h4>Elsewhere in the Courts</h4><p><strong> Insider Trading</strong></p><p>The U.S. Securities and Exchange Commission (SEC) charged Jun Ying, Equifax's former chief information officer, with insider trading. </p><p>The complaint alleges that Ying "after being entrusted with material, nonpublic information about a massive cyber-intrusion and data breach suffered by his employer…exercised all his vested Equifax stock options and sold the shares prior to the public announcement of the breach," avoiding losses of more than $100,000. (SEC v. Ying, U.S. District Court for the Northern District of Georgia Atlanta Division, No. 1.18-cv-01069-CAP, 2018)</p><p><strong>Corruption</strong></p><p>A company that transports nuclear materials to customers in the United States and abroad will pay a $2 million criminal penalty to resolve charges that it engaged in a bribery scheme. </p><p>The settlement is part of a deferred prosecution agreement the company entered into with the U.S. Department of Justice, which said the company bribed an official at a subsidiary of Russia's State Atomic Energy Corporation to secure a business deal. The company used terms such as "remuneration" and "commission" to document fraudulent payments to the Russian national. (Transport Logistics International, Inc., U.S. District Court for the District of Maryland, No. 8:18-cr-00011-TDC, 2018) </p><p><strong>Discrimination</strong></p><p>A U.S. federal appeals court rejected an employer's claim that its activity that may have discriminated against a transgender employee was protected by the Religious Freedom Restoration Act. Aimee Stephens, who had worked as a funeral director for six years, was fired two weeks after informing her employer that she is a transgender woman and intended to dress as a female. </p><p>The appellate court found that "discrimination on the basis of transgender and transitioning status" is a violation of Title VII of the Civil Rights Act. The court remanded the case to the district court level to consider whether the employee was discriminated against. (EEOC v. R.G. & G.R. Harris Funeral Homes, Inc., U.S. Court of Appeals for the Sixth Circuit, No. 16-2424, 2018)</p>

Legal Issues

 

 

https://sm.asisonline.org/Pages/June-2018-Legal-Report.aspx2018-06-01T04:00:00ZJune 2018 Legal Report
https://sm.asisonline.org/Pages/June-2018-SM-Online.aspx2018-06-01T04:00:00ZJune 2018 SM Online
https://sm.asisonline.org/Pages/June-2018-Legal-Report-Resources.aspx2018-06-01T04:00:00ZJune 2018 Legal Report Resources
https://sm.asisonline.org/Pages/Taking-Flight.aspx2018-05-01T04:00:00ZTaking Flight
https://sm.asisonline.org/Pages/May-2018-Legal-Report.aspx2018-05-01T04:00:00ZMay 2018 Legal Report
https://sm.asisonline.org/Pages/Banks-Balk-on-Bud.aspx2018-05-01T04:00:00ZBanks Balk on Bud
https://sm.asisonline.org/Pages/May-2018-SM-Digital.aspx2018-05-01T04:00:00ZMay 2018 SM Online
https://sm.asisonline.org/Pages/April-2018-SM-Online.aspx2018-04-01T04:00:00ZApril 2018 SM Online
https://sm.asisonline.org/Pages/April-2018-Legal-Report-Resources.aspx2018-04-01T04:00:00ZApril 2018 Legal Report Resources
https://sm.asisonline.org/Pages/Stopping-Distracted-Driving.aspx2018-04-01T04:00:00ZBehind the Wheel: Stopping Distracted Driving
https://sm.asisonline.org/Pages/April-2018-Legal-Report.aspx2018-04-01T04:00:00ZApril 2018 Legal Report
https://sm.asisonline.org/Pages/Book-Review---Tradecraft-Primer.aspx2018-04-01T04:00:00ZBook Review: Tradecraft Primer
https://sm.asisonline.org/Pages/March-2018-SM-Online.aspx2018-03-01T05:00:00ZMarch 2018 SM Online
https://sm.asisonline.org/Pages/March-2018-Legal-Report-Resources.aspx2018-03-01T05:00:00ZMarch 2018 Legal Report Resources
https://sm.asisonline.org/Pages/Fair-and-Neutral.aspx2018-03-01T05:00:00ZFair & Neutral
https://sm.asisonline.org/Pages/Weapons-in-the-Workplace.aspx2018-03-01T05:00:00ZWeapons in the Workplace
https://sm.asisonline.org/Pages/March-2018-Legal-Report.aspx2018-03-01T05:00:00ZMarch 2018 Legal Report
https://sm.asisonline.org/Pages/February-2018-SM-Online.aspx2018-02-01T05:00:00ZFebruary 2018 SM Online
https://sm.asisonline.org/Pages/February-2018-Legal-Report-Resources.aspx2018-02-01T05:00:00ZFebruary 2018 Legal Report Resources
https://sm.asisonline.org/Pages/Book-Review---Online-Records.aspx2018-02-01T05:00:00ZBook Review: Online Records

 You May Also Like...

 

 

https://sm.asisonline.org/Pages/SM-Online-January-2018.aspxSM Online January 2018<h4>​SCHOOL SAFETY</h4><p>Campus security nonprofit <a href="http://safehavensinternational.org/" target="_blank">Safe Havens International </a>offers free school safety resources on its website that can be used in K-12 schools as well as for higher learning institutions. Documents include a <a href="http://safehavensinternational.org/wp-content/uploads/2014/08/K12_School_Crisis_Site_Planning_Evaluation_Tool.pdf" target="_blank">safety plan evaluation tool</a>, a building design checklist, and a sample background investigation booklet for the hiring process. Safe Havens International works with schools on national and international levels in planning, coordinating, and evaluating a wide range of school crisis simulations.</p><h4>​BIODEFENSE</h4><p>Despite a call for a united biodefense approach, U.S. federal agencies continue to face challenges in sharing threat information, according to <a href="https://www.gao.gov/products/GAO-18-155" target="_blank">a GAO report​</a>. A <a href="http://www.biodefensestudy.org/biodefense-indicators" target="_blank">2016 panel on biodefense</a> contends that the U.S. vice president should lead the nation’s biodefense efforts.</p><h4>CYBER STRATEGY</h4><p>Despite awareness of cyber risks, many companies remain unprepared to deal with them, according to PricewaterhouseCoopers’ <a href="https://www.pwc.com/us/en/cybersecurity/information-security-survey.html" target="_blank">The Global State of Information Security Survey 2018.​</a></p><h4>CRISIS COMMUNICATIONS</h4><p>SmartRiskSolutions GmbH <a href="http://www.smartrisksolutions.de/assets/handbook-crisis-management-crisis-communication-terrorist-attack-active-shooter.pdf" target="_blank">published a handbook​</a> with advice for crisis management and crisis communications during a terrorist attack or active shooter incident. </p><h4>ASIS ACCOLADES</h4><p>Attendees at the ASIS 2017 voted the Pelco by Schneider Electric VideoXpert Professional Video Management System an ASIS Accolades People’s Choice Award winner. The Judges Choice awardee was the intelligent security robot from Cobalt Robotics. <a href="https://securityexpo.asisonline.org/expo/Pages/Accolades-.aspx" target="_blank">Read about all the winners.​</a></p><h4>WHISTLEBLOWING REWARDS</h4><p>Financial incentives can discourage whistleblower reporting, <a href="http://aaajournals.org/doi/abs/10.2308/ajpt-51663?code=aaan-site" target="_blank">according to a new study.​​</a></p><h4>FIRE SAFETY</h4><p>The <a href="https://www.csemag.com/fileadmin/content_files/cse/Consulting-Specifying_Engineer_2016_Fire_and_Life_Safety_Report.pdf" target="_blank">2016 Fire and Life Safety Study</a> from Consulting-Specifying Engineer surveyed its subscribers on what matters to them when selecting a fire and life safety system. ​</p><h4>EMAIL</h4><p>The U.S. Department of Homeland Security <a href="https://www.cyberscoop.com/dhs-dmarc-mandate/" target="_blank">issued a binding directive ​</a>that requires all U.S. agencies to adopt email and Web security guards against phishing and spam.</p><h4>BOMBING CONVICTION</h4><p><a href="https://www.justice.gov/usao-sdny/press-release/file/911021/download" target="_blank">A jury convicted</a> Ahmad Khan Rahimi on eight charges related to bombings in New York City on September 17, 2016, which injured more than 30 people and caused millions of dollars in property damage.</p>GP0|#28ae3eb9-d865-484b-ac9f-3dfacb4ce997;L0|#028ae3eb9-d865-484b-ac9f-3dfacb4ce997|Strategic Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465
https://sm.asisonline.org/Pages/What's-New-in-Access-Control.aspxWhat's New in Access Control?<p>​Innovation in access control is quietly heating up. The industry is ready to implement innovations on a broad scale that have been just out of reach. Demand for virtual credentials is growing, facial recognition technology is both technically and economically feasible, and migration to the cloud is increasing—and increasingly beneficial. Over the next few years, market adoption of these advances will transform the ways security professionals operate and organizations benefit from their access control systems. </p><p><strong>Virtual credentials and mobile access technology</strong></p><p>The demand for virtual credentials and mobile access is intensifying, driven in part by younger members of the workforce who never go anywhere without their smartphones. Suffice to say, most employees wouldn't turn their cars around for a forgotten physical credential, but they'll certainly restart their commutes to collect forgotten smartphones. </p><p>The benefits are simple: convenience, compliance, and satisfaction of workforce demand. Everyone carries their phone, security professionals enhance their management capabilities, and employees can stay on the move. By including the credential in a mobile device, embedded in an app, organizations can also provide novel security capabilities, such as threat reporting and virtual photo ID. </p><p>The good news is that virtual credentials and mobile access technology have progressed to the point that they are easier to implement. Migration is straightforward, and implementation does not need to be all-or-nothing. Instead it can be taken in phases leading to an interim hybrid approach that includes physical and virtual credentials. </p><p><strong>Facial recognition</strong></p><p>Facial recognition offers the advantage of using existing access control rules, while reducing the friction of the user experience. </p><p>Picture a busy New York City high-rise office building with turnstiles that control access to an elevator lobby. There are always a few employees who have to search their pockets or backpacks to fish out a physical credential. Implementing facial recognition eliminates that bottleneck. The software scans people as they approach the turnstile and transmits a virtual credential to the access control system. Where a line might otherwise have formed, authorized employees now pass through turnstiles efficiently. </p><p>Facial recognition access control is no longer out of reach. Today's computing power can be combined with increasingly high-definition cameras and advanced recognition algorithms to bring the costs of implementation way down. </p><p><strong>Access control in the cloud</strong></p><p>The access control server is the nerve center of an access control system, but it no longer needs to physically exist. The increasing prevalence of the cloud eliminates that necessity. </p><p>Rather than dealing with the maintenance of a physical server, the speed and convenience of the cloud can handle everything a hardware box used to. This advance allows for increased scalability. And it provides flexibility in how security professionals purchase and use access control servers. Now the integrator or manufacturer can reduce end user burden and cost by ensuring that systems are backed up and updated remotely.<strong> </strong></p><p><strong>What's next?</strong></p><p><strong></strong>Innovations in access control systems will drive the industry over the coming years. Novel credentials, such as mobile access and face recognition technology, combined with cloud-based servers will deliver an altogether improved experience. </p><p><em>John L. Moss is CEO of S2 Security.</em></p>GP0|#cd529cb2-129a-4422-a2d3-73680b0014d8;L0|#0cd529cb2-129a-4422-a2d3-73680b0014d8|Physical Security;GTSet|#8accba12-4830-47cd-9299-2b34a4344465