Introduction

             The #MeToo movement is a worldwide phenomenon.  Since October 2017, the hashtag has trended in at least 85 countries, and in dozens of languages—for example, #YoTambien in Spanish, #MoiAussi or #BalanceTonPorc in French, #QuellaVoltaChe in Italian, #Ятоже in Russian, גםאנחנו# in Hebrew, and أنا_كمان# in Arabic. 

             As the #MeToo movement gains momentum, global employers must recognize that the likely increase in complaints won’t be limited to the US,[1] given that about two-thirds of countries around the world have laws that prohibit workplace sexual harassment.[2]  This article highlights some of the many anti-sexual harassment laws around the globe, offers “best practice” tips for creating a harassment-free workplace culture outside the US, and examines how to conduct a thorough investigation if a global employer finds itself facing a sexual harassment claim, especially in light of onerous data privacy laws and limited attorney-client privilege outside the US.

  1. First Thing’s First: Make Best Efforts to Avoid a #MeToo Moment

             No employer wants to be the next #MeToo cover story, and so, as the old adage goes, an ounce of prevention is worth a pound of cure.  In this case, preventive medicine includes implementing and following anti-sexual harassment policies and making sure all employees are aware of them — and providing sexual harassment training to all employees.  While these are good practices generally, such practices may be legally required in some countries.  For example, Belgium, France, India, Japan, the Netherlands, and some provinces in Canada (including Ontario, Saskatchewan, and Manitoba) require employers to implement anti-sexual harassment policies.  And employers must provide broader anti-harassment training to employees in India, South Korea, Taiwan, and some provinces in Canada (including Ontario and British Columbia).

             Employers who fail to comply with these requirements can face serious consequences.  In many countries, victims can sue employers and hold them liable for their employees’ unlawful actions.  The good news is that employers can protect themselves by making sure all employees are aware of prohibitions on sexual harassment — thus reducing the chances of harassment occurring in the first place.  What is more, in the event that an employee does engage in harassment, employers should be able to identify the steps they have taken to educate and protect their workforce, including through the use of anti-harassment policies and training.

  1. In the Event of Harassment Allegations, Investigate All Complaints

             Whether located in the US or abroad, most companies have good intentions when it comes to creating a harassment-free workplace.  But what specifically should companies do when faced with a sexual harassment complaint outside the US?  As in the US, the first step will generally be to promptly investigate the allegations.  In fact, some countries — including Austria, Chile, Costa Rica, India, Japan, and South Africa — expressly require employers to investigate sexual harassment complaints.  Countries such as Chile and India have laws that enumerate specific  minimum requirements for investigations, including the maximum number of days employers can take to complete investigations and make decisions based on their findings.

             Along the way, investigators must navigate numerous pitfalls to uncover the truth behind any harassment allegations while best protecting the company.  These pitfalls are both more numerous and more involved in the context of global investigations, where the relevant employees, allegations, and documents might span several countries and various different laws.  For instance, some countries (e.g., India and France) require companies to consult with certain employee representative groups.  In India, companies must have internal complaints committees to investigate sexual harassment complaints, and in France, companies must consult with a health and safety committee with respect to harassment investigations.  In practice, this means investigations can drag on for weeks before the employer can finally resolve the claims.

A.             Determine the Scope of Attorney-Client Privilege

             Attorney-client privilege is a critical component of many US-based investigations. However, when conducting a global investigation, companies should determine whether and how the attorney-client privilege applies to communications made during the investigation.  Generally, common law countries such as the UK, Australia, Canada, New Zealand, Hong Kong, India, and Singapore recognize the privilege, though they may interpret it and apply it differently than US courts do.  In India, for instance, the privilege exists for outside counsel but not for in-house counsel.

             On the other hand, most civil law countries across the EU, Middle East, and Asia Pacific do not have an attorney-client privilege equivalent, although they do generally require attorneys to maintain the confidentiality of client communications.  For more information on attorney-client privilege around the globe, visit the DLA Piper Privilege Handbook, available here.

             Often in global investigations, documents or information are sent from one country to another, whether because the actors are spread across various countries (e.g., where a regional manager is accused of harassing employees in various countries in his/her territory) or simply for ease of review.  However, companies must take into account that documents protected in one country may be subject to production in another country if they are sent there.  Let’s say counsel is conducting an investigation abroad, in a country that does not recognize attorney-client privilege.  Should he or she still give an Upjohn-like warning to employees being interviewed?  If there’s any chance that the matter may be litigated in the US, then the answer is yes, in order to preserve the privilege here.    

B.             Consider the Impact of Data Privacy Laws outside the US

             When conducting internal investigations, companies and their counsel must also consider data privacy issues.  More than 100 countries around the world have data protection laws that give employees certain rights with respect to their personal data, including the right to notice regarding the types of personal information that a company might obtain, how it will use that data, and to whom the data will be disclosed; the right to consent or refuse consent to the collection, use, and sharing of that data; and the right to correct erroneous data.  Data protection laws also set out requirements for and limits to collecting personal information and sharing with third parties and outside of the country.  These rules apply when conducting investigations and sharing the results of the investigations.

             The most talked about data protection law right now is the EU’s General Data Protection Regulation (GDPR), which took effect on May 25, 2018.  GDPR requires employers to have a legal basis or good reason to collect, use, or share personal information.  Potential legal bases include:

  • the processing is necessary for the company to comply with a EU legal obligation (a US statute or regulation would generally not be sufficient);
  • the processing is necessary for the purposes of legitimate interests of the company or of a third party to whom the data are disclosed, except where the individual’s interest in his or her fundamental rights and freedoms override those interests;
  • the processing is necessary to perform a contract to which the individual is party (e.g., the employment contract); or
  • the individual has unambiguously consented to the processing (though beware that express consent can be freely revoked at any time under GDPR).

             Further, the GDPR imposes restrictions on sharing personal information outside the European Economic Area (EEA).  Importantly, the European Commission has determined that the US does not provide adequate protection for personal information, so companies will be limited in their ability to transfer personal data into the US, which can present logistical nightmares for global companies headquartered in the US.  As such, companies with workforces in the EU should take the following steps as soon as possible and in any event before obtaining, using, or transferring personal information:

  • update privacy notices, which must include, among other things: a description of the categories of personal data that the company will process, the purposes for which the personal data will be processed, information about third-party transfers, legal grounds for the transfer, whether there will be a transfer to countries outside the EEA that do not provide adequate protection (e.g., US), and that the employee has the right to withdraw consent and to file a complaint with the supervisory authority;
  • update privacy policies and procedures;
  • create or update intra-group data transfer agreements;
  • provide employees with data privacy training; and
  • if non-EEA countries are in scope, implement additional safeguards (e.g., model contract clauses).

             Of course data privacy considerations are not limited to GDPR and the EU, and companies should be aware of data privacy rules in any jurisdiction where they have employees.

C.             Consider Public Relations Strategy

             Finally, while not a strict legal requirement, companies also should have a plan of action for when information about investigations abroad is disclosed so they are able to respond quickly and minimize the effects of the negative press.  We are living in a world where information travels rapidly across the world via social media and other online platforms.  For employers, this means that stories about sexual misconduct abroad can easily make it into the morning newsfeed of consumers at home and create a public backlash.  A recent Harvard Business School study found that when people learn about sexual harassment claims being made in an organization, they view the organization as having a cultural problem and being less equitable than organizations engaged in other unlawful acts, including financial misconduct.  The same study found that addressing the allegations in a timely, informative manner that shows consideration for the victim can minimize public backlash.  As such, companies should not neglect their public response to harassment allegations.

Conclusion

             As the #MeToo movement continues to make waves worldwide, the number of workplace sexual harassment complaints is likely to increase in the short term — not just in the US, but globally.  But as companies take steps to  prevent sexual harassment and react appropriately when it does occur, there is real hope that workplace attitudes and cultures will ultimately shift — and the number of complaints may eventually decrease.  Until that time, here are some steps companies can take to limit their liability or legal exposure with respect to harassment claims:

  • understand and comply with local laws governing sexual harassment;
  • update sexual harassment policy to ensure that it clearly prohibits sexual harassment, provides examples of sexual harassment, establishes the scope of the policy and to whom it applies, and contains a clear procedure for reporting incidents that mitigates retaliation against victims of or witnesses to unlawful harassment;
  • provide periodic training to all employees on the company’s sexual harassment policy and create an environment where employees feel comfortable raising concerns;
  • have a protocol in place for investigations so concerns can be addressed in a timely manner. If needed, take remedial actions, including moving the affected employee’s workspace or changing his/her work schedule (if required or if the employee requests such accommodations) to prevent further inappropriate actions by the accused. Also, provide training to professionals conducting the investigation to ensure that investigations are fair and comply with relevant legal standards; and
  • keep victims informed about the timeline of investigations and any remedial measures the company has taken, and advise them to report any ongoing inappropriate conduct. When the investigations end and remedial measures are no longer in place, the company should follow up with all complainants to ensure they are no longer experiencing ongoing harassment and feel safe in the workplace.

             Employers and outside counsel can face many pitfalls when conducting any internal investigation, especially in the case of a global investigation.  However, with preparation, good judgment, and knowledge of local laws, global investigations can be a useful and (relatively) safe tool to make lawful and effective employment decisions following a sexual harassment complaint.

[1] The 50% increase in sexual harassment lawsuits filed by the Equal Employment Opportunity Commission in the United States, along with $23 million in increased recovery since October 2017, provides a cautionary tale for anyone who believes the #metoo movement is slowing down.  https://www.eeoc.gov/eeoc/newsroom/release/10-4-18.cfm

[2] https://ph.ucla.edu/sexual-harassment-explicitly-prohibited-workplace