 |
IN FOCUS |
|
by Matthew W. Daus, Esq.[1]
President, International Association of Transportation Regulators
Distinguished Lecturer, University Transportation Research Center, Region 2
Contact: mdaus@windelsmarx.com
156 West 56th Street, New York, NY 10019
T. 212.237.1106 • F. 212.262.1215
|
Matt Daus Releases Comprehensive Report with International Travel
Managers for Limo/Black Car Industry to Share with Corporate Clients on TNC "Duty of Care" Risks:
"Caveat Emptor - May the U-Buyer Beware"
I am pleased to announce the release of a comprehensive report to be used internally by corporate lawyers, travel & risk management, and in house legal counsel. It is intended to be used as a tool identifying new and increased risks associated with using smartphone application technology deployed by so-called Transportation Network.
Companies ("TNCs"). The title of the report is: "Caveat Emptor - May the U-Buyer Beware."
This report was co-authored and peer reviewed by the Institute of Travel Management ("ITM") Reviewing Panel. The ITM is the leading professional body for buyers, managers and suppliers of business travel and meetings in the UK and Ireland.
It has more than 3000 members, and has been supporting the business travel industry since 1956. The ITM is a not for profit organization, partnered with the Chartered Institute
of Procurement & Supply (CIPS) and Global Business Travel Association (GBTA).
Travel managers and professionals have for decades developed processes, procedures and due diligence methods for ensuring the most cost effective, efficient, secure, and safe ground transportation options for the executives and employees at their corporations and firms.
This report addresses the TNC related "duty of care" issues and concerns of those in the profession. Aside from identification of these risks, this report identifies new recommended best practices for ensuring the use of new smartphone app technology to:
(1) safeguard employees;
(2) reduce costs;
(3) increase service efficiencies;
(4) ensure corporate data is safe and secure;
(5) �maintain passenger driver communication confidentiality;
(6) �insure that the corporate client shields itself from and reduces potential risks in terms of both legal liability and corporate brand damage due to association with transportation partners who violate the law or are experiencing negative media exposure.
The report highlights three regulatory approaches to for-hire regulation of smartphone app dispatch companies in New York City, California, London and other self-regulatory or de-regulatory common jurisdictional approaches.
The report also identifies the overall risks associated with allowing unregulated or loosely regulated market entry to such disruptive businesses.
Insurance Risks
Travel managers must be aware of the different insurance requirements for TNCs in each jurisdiction and set their own minimum standards to guarantee that their employees
are always protected.
The same levels of insurance required of government regulators for licensed black car, sedan or limousine services currently doing business under existing protocols, should be required of any TNC vendors who wish to bid on a Request for Proposal ("RFP").
Businesses seeking to engage in agreements with a TNC should ensure that the TNC has extensive rules in place requiring all of their vehicles to have comprehensive, fleet based insurance covering most risks associated with TNC services.
Driver Vetting
As further explained in the report, the consequences of less than thorough background checks can be seen in the many examples of TNC drivers attacking passengers all over the globe. That is why corporate lawyers and travel managers should require biometric based background checks for drivers associated with any business agreements between the company and the TNC.
This report recommends against doing business with transportation vendors where they are in a jurisdiction which either has no such vetting process, or that utilizes name checks instead of biometrics.
In the event that the travel manager elects to conduct business with TNCs utilizing name checks, they should require that all licensees of companies submitting RFPs may, at any time, be subject to an audit at the request of the company.
Privacy & Data Security Issues
Uber and other travel vendors have a function that Uber refers to as "God View," which allows employees to track the whereabouts of any customer who has ordered a car.
TNCs also collect information about users and their rides ("Consumer Data").[1]
However, of concern is how and why this tracking data is stored, used, and who it is shared with. Corporate lawyers and travel managers should ensure that TNCs that seek their business have enhanced data security programs implementing appropriate safeguards.
Safeguards to consider, discussed in this report, include:
(1) �whether the TNC imposes restrictions on access to data internally at their company and to private third parties;
(2) �whether security safeguards are in place and periodically tested to ensure that hackers cannot access TNC data;
(3) �whether TNC technology is Payment Card Industry (PCI) Compliant[2]; and
(4) �whether electronic trip sheet data is produced to any third party be it a regulatory agency, by court order, or otherwise and, if so, if companies with which a TNC engages are also subject to such production.
TNCs under a standard or special corporate travel vendor RFP issuance should be required to share employee trip data in real time, and without limitation.
- Hogan Lovells: Review and Assessment of Uber's Privacy Program.
- PCI standards include:
• building and maintaining a secure network;
• policies for protecting cardholder data;
• maintaining vulnerability management programs, such as antivirus programs;
• implementing strong access controls;
• regular system monitoring; and
• maintaining an information security policy.
See:http://searchcompliance.techtarget.com/definition/PCI-compliance.
- Dragna v. A & Z Transp., Inc., No. CIV.A. 12-449-SDD, 2015 WL 729844 (M.D. La. Feb. 19, 2015).
Negligent Hiring as a Corporate Legal Liability
An employer can be held responsible (or "liable") if an employee, or in some cases an independent contractor, causes harm to another employee or outside third party.[3]
A higher standard of vetting and safety measures, such as the measures discussed in this report, should be the focus of travel managers in order to protect themselves, their clients, and vendors from exposure to unnecessary litigation, avoidable costs, and brand damage.
In-house corporate counsel should work closely with travel managers and regulatory counsel to ensure that the risks of liability are minimized.
Reputational & Environmental Harm - Higher Travel Costs
This report also discusses overall externalities, including: reputational harm, environmental and cost concerns associated with surge pricing and congestion, excessive work hours, accessible service, and tax avoidance.
TNCs have made international headlines for crimes perpetrated by drivers, and travel managers must be cautious with the companies they associate with and the potential risk of reputational harm that may be incurred before contracting or allowing their employees to use their services.
As further explained in the report, corporate counsel must work into vendor agreements with TNCs the right to cancel contracts under such circumstances, and to hold the TNCs responsible for any resulting reputational damage.
The impact of TNCs proliferation on the environment is also an important concern for corporations, as the TNC business model is dependent on flooding the roads with massive amounts of vehicles. This threatens corporate sustainability policies and efforts to reduce pollution and congestion as well as overall corporate travel costs.
Furthermore, TNCs use of surge pricing incentivizes drivers to crowd even more vehicles onto already congested areas which may cause additional traffic and slow rates of travel, and costs to all businesses and persons negatively impacted by gridlock.
It should not be an option for employees to e-hail a TNC if surge pricing is in place, and companies that do allow non-vendor TNC travel reimbursement should ban reimbursement for any surge pricing whatsoever.
An alternative safeguard would be to prohibit employees from accepting e-hails from TNCs altogether if surge pricing is in effect.
Wheelchair Accessibility
Travel managers are responsible for providing service for their entire employee population including the disabled. TNCs may not offer equivalent service for people with disabilities in many jurisdictions.
In most jurisdictions, TNCs do not offer a service for passengers with non-foldable wheelchairs. Moreover, drivers are not trained to accommodate people with disabled needs.
Before contracting with a transportation provider, travel managers must ensure that TNCs are able to provide services to disabled passengers. These requirements should be set forth in the RFP with any TNC so that the travel manager is ensured that there is compliance with any disability rights laws, and that there is service available for disabled employees.
Also, the brand or reputational damage that results from a non-disabled-friendly TNC being associated with the buyer is cause for concern as to whether there should even be a business relationship.
Tax Avoidance - Corporate & Social Responsibility
TNCs are known to use a complex web of tax havens and shelters to avoid paying corporation and value added tax (VAT) in jurisdictions outside of the United States. These actions may be perceived as a shirking of social corporate responsibility, harming the tax base of nations around the world.
As governments may work to address the loopholes used by TNCs for tax avoidance, corporations doing business with them risk brand tarnishment for associating with or tacitly condoning such behavior. This report recommends, as a pre-condition to any RFP or business arrangement, that complete tax compliance be demonstrated and that questions be permitted at any time about the tax structure.
What To Do With This Report?!
Should corporate buyers decide to do business with TNCs, a wide variety of professionals within the buyer company, and external regulatory and/or legal specialists, should be consulted. They should work together to minimize risk and to create a separate RFP for TNCs that is more stringent in the many specific ways recommended in this report.
Only by placing appropriate due diligence mechanisms in place can the buyer company be adequately protected from legal liability, harm to employees and corporate brand damage.
Corporate travel organizations as well as individual ground transportation companies and industry trade groups should share this report with their clients and travel managers.
Travel managers, in turn, should make this report and the facts and best practices it contains, available to internal corporate travel decision makers including but not limited to risk managers, CEOs and other high level executives, in house counsel, public relations/marketing, sustainability and Equal Employment Opportunity or diversity officers.
Travel managers should take the approach of an even more alert and heightened sense of caution - best summarized by the Latin phrase - Caveat Emptor - or "Let the Buyer Beware!"
The full "Caveat Emptor - May the U-Buyer Beware" Report can be accessed by contacting Professor Matthew W. Daus, Esq. at mdaus@windelsmarx.com.
- Hogan Lovells: Review and Assessment of Uber's Privacy Program.
- PCI standards include building and maintaining a secure network; policies for protecting cardholder data; maintaining vulnerability management programs, such as antivirus programs; implementing strong access controls; regular system monitoring and maintaining an information security policy. See: http://searchcompliance.techtarget.com/definition/PCI-compliance.
- Dragna v. A & Z Transp., Inc., No. CIV.A. 12-449-SDD, 2015 WL 729844 (M.D. La. Feb. 19, 2015).
