Under the California Transparency in Supply Chains Act of 2010 (effective January 1, 2012) all manufacturers (and retailers) with annual worldwide gross receipts over $100 million who "do business" (a low threshold) in California must disclose on their websites what efforts they have taken to eliminate forced labor and human trafficking from their worldwide supply chains.
Although the California Act's basic goals and mechanics are now generally understood by supply chain and compliance professionals, a visit to your favorite manufacturer or retailer's homepage will likely reveal a surprising level of confusion over a basic requirement, namely, where the disclosure must be announced.
How Do Companies Fail to Comply?
Many companies subject to the California Act -- and particularly those that are public-facing -- provide at least the basic disclosures required by the law. But most do not comply with the lesser-known requirement to include a "conspicuous and easily understood" link to the disclosures on the company homepage. After all, California Senate Bill 657, Section 3(b) explicitly provides that:
"The [required] disclosure ... shall be posted on the retail seller's or manufacturer's Internet website with a conspicuous and easily understood link to the required information placed on the business' homepage."
An informal review of websites reveals that most companies presently fail to post the required homepage link, let alone a link that is "conspicuous and easily understood." Many, moreover, either fail to address the specific disclosures set forth in the Act, and/or overpromise on what they will do to eliminate the scourge of human trafficking from their supply chains.
What seems like a minor mistake can have major consequences. Without a link from the homepage, no matter how extensive the disclosure, a company is out of compliance with the California Act's most basic (not to mention explicit) requirement.
Failure to comply with the Act can lead to:
- Court-ordered injunctive relief by the California Attorney General;
- Consumer group boycotts;
- Advocacy group pressures and "naming & shaming" campaigns;
- Federal Trade Commission Action;
- Class action lawsuits.
Back to Basics: So What is a Homepage Under the California Act?
The California Act unfortunately fails to define what it means by "homepage." True, the term "homepage" may seem too obvious to necessitate definition. But what to do about a mobile app, a flash introductory page, or different entry-points for different divisions?
Even if a company's homepage is obvious, moreover, its marketing or web design department may closely guard it, making changes -- even those prompted by black & white legal requirements -- a challenge.
To begin our hunt for guidance, we first look to other California statutes. The word "homepage" is, indeed, scattered throughout the California Code. More specifically, at least three statutes provide some clarification as to what California considers to be a "homepage":
- Requiring a company to link to privacy rights refers to "the homepage or the first significant page after entering the website" (California Business and Professional Code § 22577);
- Requiring a company to post medical product recall notices on "the homepage or first point of entry of its website" (California Health and Safety Code § 1368.015);
- Requiring a link to a grievance form describes a homepage as "the first page or welcome page of an Internet website that serves as a starting point for navigation of the Internet website" (California Health and Safety Code § 108046).
Distilling the above into practical guidance -- always a challenge -- we believe that any webpage that is the gateway to a subject company's website must include a conspicuous link to its Act disclosures. This, moreover, includes all platforms, from a consumer's desktop to his or her mobile device.
If a consumer is using a webpage screen, no matter the size or nature of the screen, as a gateway to access the rest of the site, that first point of entry must include a link to the company's disclosures.
What Does it Take for a Link to be "Conspicuous and Clearly Understood"?
As with the term "homepage," the Act does not define "conspicuously and easily understood." In search of an answer, we return to California's privacy rights disclosure law. Under this law, a company must "conspicuously post" its privacy policy on its website, either on the homepage or linked from the homepage. California's privacy rights disclosure law provides that linking icons or text must:
- Include the word "privacy";
- Use a color contrasting with the background color or is otherwise distinguishable;
- Be in capital letters equal to or greater in size than surrounding text;
- Be so displayed that a reasonable person would notice it.
Although the language is not identical, the intent appears to be on all fours. Best-practice compliance with the California Act, therefore, likely requires a company to include on its homepage (1) a clearly labeled link, (2) in contrasting colors, (3) in a reasonable location, and (4) of approximately the same size as other links surrounding it. The subject company, moreover, need not use the complete name of the law, but should shorten the link in a way that is easily understood (e.g., "CA Supply Chains Act" or "Transparency in Supply Chains" instead of an acronym "CTSCA").
What's the Rush?
To date, the California Attorney General has not opted to seek injunctive relief under the Act against any company. But change is clearly in the air.
No later than November 30, 2012, the California Franchise Tax Board was required to finalize and transmit to the Attorney General its working list of companies subject to review. With this (non-public) list now complete and turned over, and given how much of a compliance "hot topic" human trafficking and force labor have become, the smart money is on enforcement starting sooner rather than later.
Of course, comprehensive compliance with the California Act cannot be achieved by simply putting the appropriate link in the appropriate place. But, for starters at least, this is certainly a first step in the right direction.
Elizabeth Breakstone is an associate in the Corporate Governance and Transactions and Emerging Companies groups at Perkins Coie and a member of the firm's Corporate Social Responsibility and Supply Chain Compliance Practice.
T. Markus Funk is a White Collar Defense and Internal Investigations partner at Perkins Coie, where he co-heads the firm's Corporate Social Responsibility and Supply Chain Compliance Practice. He is also the co-author of Child Exploitation and Trafficking: Examining the Global Challenges and U.S. Responses (2012, co-authored with Chicago U.S. District Judge Virginia M. Kendall), serves on the ABA's Presidential Anti-Trafficking Task Force, and is the co-chair of the ABA's Corporate Social Responsibility and Forced Labor Task Force. From 2000-2010, Markus was a federal prosecutor in Chicago, and from 2004-06 he lived in Pristina, Kosovo where he led USDOJ and State Department efforts to combat human trafficking and corruption.
Paul Hirose is senior counsel with Perkins Coie's Business Litigation practice, where he possesses extensive experience representing clients in a variety of industries. He is also a member of the firm's Corporate Social Responsibility and Supply Chain Compliance Practice.