On March 7, 2023, the National Labor Relations Board (NLRB) and the Consumer Financial Protection Bureau (CFPB) signed a Memorandum of Understanding (“CFPB MOU”) that created a formal partnership between the two agencies. Per the CFPB MOU, the basis for this collaboration is a shared interest in “protecting American consumers and workers” to “better root out financial practices that harm workers,” to “enhance the enforcement of federal laws,” and to coordinate interagency goals, outreach and training. According to the NLRB, the targeted practices are “employer surveillance, monitoring, data collection, and employer-driven debt,” which can include employee-purchased equipment, supplies or required training. The CFPB’s focus is on practices in the “gig economy” and although “employer surveillance and employer-driven debt” are areas of “immediate concern,” the CFPB’s specific concern is directed to companies that may violate the Fair Credit Reporting Act by selling worker surveillance data and that as to employer-driven debt, the required purchases may not be competitively priced and/or may subject the employee to debt collection efforts.
At its core, the CFPB MOU’s purpose is to “share information and preserve the confidentiality of that information to serve the objectives of this [CFPB] MOU.” (CFPB MOU, §II.) Notably, the CFPB MOU provides that all shared information – whether oral, written, or electronic – constitutes “nonpublic information” that is considered confidential and not subject to disclosure unless the party providing the information “expressly consents or designates the information as publicly available.” (CFPB MOU, §III.) Thus, both the information sought as well as the information provided by either agency are shielded from the employers’ view.
Even though the CFPB MOU does not create new obligations (MOU, §VI), it potentially increases risk and liability for employers, not only because of this confidential information sharing, but because it is the fifth interagency collaboration the NLRB has established since formalizing its initiative on February 10, 2022, in Memorandum GC 22-03, discussed here.
The NLRB has entered into an unprecedented five MOUs with other federal agencies since Jennifer Abruzzo’s appointment as NLRB General Counsel (“GC”) on July 22, 2021. Just four months into her appointment, the NLRB entered into an MOU on November 29, 2021 with the Office of Labor Management Standards (OLMS) to share investigatory information and a second MOU on December 8, with the Department of Labor Wage and Hour Division to share information, including investigation files and complaint referrals, in support of both agencies’ enforcement mandates. In July 2022, a third MOU was entered into with the Federal Trade Commission to “root out practices that harm workers in the ‘gig economy,’” and a fourth MOU was entered into with the Department of Justice Antitrust Division. Contrast this activity with the prior GC who entered into just two MOUs during their tenure from November 17, 2017 to January 20, 2021. Notably, only one of these MOUs under the prior GC referenced sharing information and even then only contemplated a “formal information sharing agreement at a future date.”
As a practical matter, the NLRB’s increased focus on interagency collaboration and confidential information sharing may result in employers potentially finding themselves under investigation from multiple agencies based on the same workplace action or practice. Even if the investigating agency does not have enforcement authority, these multiple MOUs may allow the matter to be readily referred to an agency with enforcement authority.
For the CFPB MOU, the targeted practices are ones that are governed by a variety of laws, including federal law (Fair Labor Standards Act, Occupational Health and Safety Act, Fair Credit Reporting Act) and California law (Wage laws and Wage Orders, Cal/OSHA, and the California Privacy Rights Act of 2020), and employers should already be in compliance with these rules. Nonetheless, employers should carefully review their policies and practices to be sure they comply with applicable federal and state law with respect to: employee monitoring; workplace tracking or surveillance programs or tools; retention, use, and protection of any employee data collected, including data generated by any such programs or tools; any required employee purchases; employee-provided equipment or tools; and payment for any required employee training.