FTC proposes ban on non-compete clauses for employees

By Anita Byer, Setnor Byer Insurance & Risk

The Federal Trade Commission recently proposed a new rule that would ban the use of non-compete clauses in employment agreements. The FTC believes that the widespread use of non-compete clauses suppresses wages, hampers innovation and stifles entrepreneurship. According to FTC estimates, the proposed rule could increase wages by nearly $300 billion per year and expand career opportunities for millions of Americans. It could also cause inconvenience, disruption and even financial harm to countless individuals and businesses nationwide. A watershed moment indeed, but for better or worse?

Under the proposed rule, the use of non-compete clauses would be considered an unfair method of competition. As such, it would be unlawful for an employer to:

  • enter into or attempt to enter into a non-compete clause with a worker;
  • maintain a non-compete clause with a worker; or
  • represent to a worker, under certain circumstances, that the worker is subject to a non-compete clause.

The notable breadth of the proposed rule comes from its definitions. “Worker” is defined broadly to mean any natural person who works for an employer, whether paid or unpaid, including employees, independent contractors, interns and volunteers. A “non-compete clause” is any contractual term between an employer and a worker that prevents the worker from seeking or accepting employment, or operating a business, after the conclusion of the worker’s employment with the employer. This already broad definition is made even broader by including de facto non-compete clauses.

A de facto non-compete clause is any contractual term that has the effect of prohibiting a worker from seeking or accepting employment or operating a business after the conclusion of the worker’s employment with the employer. A non-disclosure agreement, for example, could be considered a de facto non-compete clauses if it is written so broadly that it effectively precludes the worker from working elsewhere in the same field. If the proposed rule is adopted, this functional test to determine whether a contractual term should be interpreted as a prohibited non-compete clause seems to be fertile ground for litigation.

So, what happens to existing non-compete clauses under the proposed rule? If adopted as is, the rule would require employers to rescind existing non-compete clauses with workers and actively inform their employees that the contracts are no longer in effect. The rule, however, does have a limited sale-of-business exception that allows a person who owns at least 25 percent of a business entity to execute a non-compete clause as part of a sales transaction.

It’s important to note that this is not a final rule. If and when the FTC publishes a final rule, it may be substantially different than the proposed rule. However, since any such rule could have potentially significant implications, employers should be paying attention to the FTC and its desire to essentially prohibit the use of non-compete clauses. Those not comfortable taking the wait-and-see approach are free to participate in the rule-making process. The FTC is accepting public comments on the proposed rule through March 10, 2023. So, what do you think? Should non-compete clauses be banned?

If adopted, the proposed rule would supersede any inconsistent state statute, regulation, order or interpretation, altering the nature employer / employee relationships nationwide. Please contact us to discuss the value of having Employment Practices Liability insurance coverage in this rapidly changing regulatory environment.

Have Data Security Breaches Become the New Normal?

It has gotten to the point where we can barely keep up with all the data security breaches. We are no longer surprised to hear that another data breach exposed the sensitive personal information exposed of thousands (or millions!) of people. What’s worse is that many of us are no longer concerned. We have become complacent.

Taking a callous attitude toward data breaches can be risky. Just because data breaches are more common doesn’t make them less harmful. According to a study by Javelin Strategy & Research, 15.4 million U.S. consumers had $16 billion stolen in 2016. Identity thieves have stolen nearly $110 billion in the past six years.

Things got worse in July 2017, when Equifax, one of the three major credit reporting agencies, discovered a massive data breach that could impact approximately 143 million U.S. consumers. Equifax reports that the exposed information:

  • Social security numbers;
  • Birth dates;
  • Addresses;
  • Driver’s license numbers; and
  • Credit card numbers for approximately 209,000 consumers.

How significant is this? According to the Federal Trade Commission (FTC), if you have a credit report, there is a good chance that you’re one of the 143 million American consumers who had their sensitive personal information exposed. If so, the FTC recommends taking the following protective measures.

  • Check your credit reports from all three credit reporting agencies (including Equifax). You can do this for free by visiting annualcreditreport.com. Accounts or activity that you don’t recognize could indicate identity theft.
  • Consider placing a credit freeze on your files. A credit freeze makes it harder for someone to open a new account in your name, but it won’t prevent a thief from making charges to existing accounts.
  • If you decide against a credit freeze, consider placing a fraud alert on your files. This warns creditors that you may be an identity theft victim and that they should verify that anyone seeking credit in your name really is you.
  • Monitor credit card and bank accounts closely for charges you don’t recognize.
  • File your taxes early, so an identity thieve uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.

Taking measures to protect against identity theft are important, but they’re not always enough. That’s why you should consider insurance that is specifically designed to protect both individuals and businesses against identity thieves and hackers. For example, identity theft coverage can help individuals cover the cost of clearing their name. Cyber Liability and Security Breach (Cyber Perils) coverage can protect businesses against various cyber threats, including the cost of complying with data breach notice laws.

Please contact us if you would like more information about insurance specifically designed to protect against identity theft.

Additional information is also available in our weekly Risk Management Newsletters.

How Can You Prevent Identity Theft?

According to the Federal Trade Commission, identity theft continues to top the list of consumer complaints. In 2013, American consumers reported losing more than $1.6 billion to fraud, which is approximately $2,294 per incident. The highest reported age group for identity theft is 20-29, and the most common form of identity theft is tax- or wage-related, followed by credit card fraud, utilities fraud and bank fraud. Florida has the highest per capita rate of reported identity theft complaints, followed by Georgia and California.

Since October is National Cyber Security Awareness Month, now is the perfect time to learn about preventing identity theft. Here are some tips from the Insurance Information Institute.

  • Don’t carry unnecessary personal information (social security card, passport, etc.).
  • Prevent ‘shoulder surfers’ from seeing credit card numbers or PINs.
  • Always take credit card or ATM receipts.
  • Don’t give out personal information, whether on the phone, via mail or online, unless you initiated contact or you know the transmission will be secure.
  • Only use authenticated websites to conduct business online. Check for the locked padlock image or look for ‘https://’ rather than ‘http://’ in your browser window.
  • Be aware of phishing and pharming scams that use fake emails and websites to impersonate legitimate organizations. Exercise caution when opening emails and instant messages from unknown sources.
  • Never send personal, financial or password-related information via email.
  • Use up-to-date firewall, anti-spyware and anti-virus programs.
  • Monitor all financial accounts and review monthly statements to make sure all transactions are accurate.
  • Immediately contact your credit card or bank if you suspect a problem.
  • Order your credit report from the three major credit bureaus to make sure it’s accurate and includes only authorized activities. You are entitled to one free credit report per year.
  • Place passwords on your credit card, bank and phone accounts.
  • Don’t use passwords containing easily available information (mother’s maiden name, birth date, phone number, etc.) or any series of consecutive numbers.
  • Change passwords if you suspect a problem.
  • Shred documents containing personal information such as credit card numbers, bank statements, charge receipts or credit card applications.

In the event of identity theft, early detection is the key to limiting the damage. Here are some clues from the FTC that someone may have stolen your identity.

  • You see withdrawals from your bank account that you can’t explain.
  • You stop getting bills or other mail.
  • Debt collectors call you about debts that aren’t yours.
  • You find unfamiliar accounts or charges on your credit report.
  • The IRS notifies you that a tax return was already filed in your name.
  • A company where you do business or have an account suffers a data security breach.

Despite taking preventative measures, identity theft can still happen. However, insurance may be purchased to help victims of identity theft through the often expensive and time consuming battle to clear their name. Depending on the insurance company, identity theft coverage may be included under a homeowners’ policy, or it may be added by endorsement or obtained under a separate, stand-alone policy.

If you would like to learn more about identity theft insurance coverage, please contact us.

If you would like to subscribe to our newsletters please click here.

Preventing Data Security Breaches

Every business must be able to identify the likeliest source of a data security breach so that they can also identify how to prevent it. Is it an executive’s laptop computer, the copy machine or the office’s wireless network? Could it be something else? Since the first step to preventing a data security breach is understanding the risk, it’s time to learn more about your business’s sensitive data.

Effective data security starts by assessing the kind of information a business has and identifying who has access to it. Evaluating data security vulnerabilities requires an understanding of how sensitive data moves into, through, and out of a business, and who has or could have access to it. Here are some tips from the Federal Trade Commission.

Take Inventory

Take an inventory of all devices and equipment capable of storing sensitive data, such as laptop computers, mobile devices, flash drives, off-site servers, disks and digital copiers. Do employees work from home? If so, add their home computers to the list.

The type and location of sensitive data should also be inventoried. Don’t stop with the office’s filing cabinets and computer systems. Sensitive data may also be received from other sources, such as websites, contractors or call centers. Every possible source and destination for sensitive data must be considered.

Track Sensitive Data

It is important to know how the business obtains, stores, shares and disposes of sensitive data. Every department should be consulted, including sales, information technology, human resources and accounting. Don’t forget about contractors and other third-party service providers.

This process should provide a business with a thorough understanding of:

  • Who provides sen­sitive data? Does it come from customers, credit card companies, banks or other financial institutions, credit bureaus, job applicants, contractors, third-party service providers?
  • How is sensitive data received? Does it come via phone, fax, mail or email? Is there a website designed to request and receive sensitive data? Are there any other possible entry points?
  • What kind of sensitive data is collected? Do business operations require or permit collecting financial information (credit cards, bank accounts, credit reports), personally identifying information (drivers’ licenses, social security numbers) or medical information?
  • Where is sensitive data stored? Is it kept on disks, tapes, laptops, smartphones, tablets or other mobile devices? Employees’ personal computers or mobile devices? Where are data backups and copies stored?
  • Who can access sensitive data? Is access to sensitive data limited to only those who need it? Are there security measures in place? Is sensitive data protected against unauthorized access by contractors or other third-party service providers?

Throughout this process, pay particular attention to certain kinds of sensitive data. Identity thieves typically look for social security numbers, credit card and other financial information.

Organizations should also consider protecting against data security breaches with insurance.Various cyber liability products are available to protect against privacy injuries, such as identity theft, and to cover the cost of complying with various data breach notice laws. Given the complexity of the risk, an experienced insurance agent should be consulted to ensure that adequate coverage is obtained. If you would like to learn more about insuring against data security breaches, contact us.

If you would like to subscribe to our newsletters please click here.