As appeared in Law360, on 7/23/2010.

The Consumer Product Safety Improvement Act of 2008 (CPSIA) has increased safety standards and testing/certification requirements for manufacturers, distributors, and retailers of consumer products. 

The U.S. Consumer Product Safety Commission ("CPSC") has redoubled its dedication to enforcing regulations and monitoring product hazards and non-compliance, and the CPSIA grants the CPSC the authority to levy significantly larger penalties for violations of the laws and regulations governing consumer products.

The CPSIA also requires the CPSC to establish and maintain a publicly available, searchable electronic database of complaints, which will be accessible through the CPSC's website.[1] The CPSC expects the database to be available by March 2011.[2]

Some commentators have voiced concerns that the planned incident database may provide a means for inaccurate, unverified, or unreliable information to become publicly available and that such information could be misused.

While concerns regarding the future database are warranted, this article focuses on the existing challenge of protecting confidential or otherwise sensitive information from disclosure to requesting parties pursuant to the Freedom of Information Act (FOIA). 

 The CPSC's Procedure for Handling FOIA Requests

Anyone can submit a FOIA request to the CPSC.  The CPSC will review the information or documents identified in the request, and if the information requested would allow the public to readily ascertain a company's identity, the CPSC will afford that company an opportunity to comment on or otherwise object to the disclosure of that information before the CPSC responds to the FOIA request.  In responding to a FOIA request, the CPSC's policy favors disclosure.[3]

However, the CPSC also recognizes the importance of fostering candid communications with companies by ensuring the protection of confidential information.  In order to effectively avail itself of those protections, a company should be aware of the types of information contained in CPSC files, must be proactive in taking advantage of opportunities to comment or object to disclosure, and must follow proper procedures when commenting or objecting to disclosure.

Preventing the Disclosure of Confidential Information

CPSC files relating to a product or a manufacturer typically include consumer complaints, incident reports, and documents related to CPSC investigations.  Files also may contain sensitive business information such as trade secrets, manufacturing or engineering specifications, or financial information.

Although a FOIA request risks disclosure of this confidential business information, statutes and regulations exist that are designed to protect this type of information from disclosure to the public.  And, while the CPSC makes efforts to prevent disclosure of confidential information, a company can take certain steps that increase the likelihood that such information will remain confidential.           

The protection afforded to a company that will be identified by the disclosure of information is generally broad.  The CPSC should not disclose information if the disclosure is prohibited by law or if such disclosure is against the public interest.

Prior to disclosing any information in a manner that will permit the public to readily ascertain the identity of a company, the CPSC must take reasonable steps to ensure that the information is accurate, and ensure disclosure is fair under the circumstances and reasonably related to effectuating the purposes of the Consumer Product Safety Act (CPSA).[4]

The law prohibits the CPSC from disclosing documents that contain or relate to a company's trade secrets or other confidential business information.[5]  If the CPSC determines that disclosure is appropriate, it must afford the company an opportunity to review the documents and mark them confidential or otherwise provide comment.[6] 

Generally, the company only has fifteen days to comment once notice is received from the CPSC indicating its intent to disclose.[7]  A company may request an extension of the time to provide comment, and an extension will most likely be granted where the records to be reviewed are voluminous or complex in nature.[8] 

A company requesting exempt status to prevent disclosure of a trade secret or confidential business information must:

1. specifically identify the exact portion(s) of the document claimed to be confidential;
2. state whether the information claimed to be confidential has ever been released in any manner to a person who was not an employee or in a confidential relationship with the company;
3. state whether the information so specified is commonly known within the industry or is readily ascertainable by outside persons with a minimum of time and effort;
4. state how release of the information so specified would be likely to cause substantial harm to the company's competitive position; and
5. state whether the submitter is authorized to make claims of confidentiality on behalf of the person or organization concerned.[9]

A company must follow this procedure any time it requests exempt status for documents subject to a FOIA request.  The CPSC views a failure to make a request for exempt status as an acknowledgement that the company does not wish to claim exempt status.[10] 

Protecting Information Submitted to the CPSC by the Company

In addition to information obtained through consumer complaints and CPSC investigation reports, CPSC files may contain confidential business information provided to the CPSC by the company itself pursuant to section 15(b) reporting requirements.[11] 

The CPSC is prohibited from disclosing such information unless the CPSC has issued a complaint or order regarding a failure to comply, a substantial product hazard, or an unreasonable risk of serious injury or death relating to the product.[12]   This protection also extends to portions of documents generated by the CPSC that contain, summarize, or analyze such information.[13] 

Protecting confidential business information from disclosure promotes a free exchange of information between companies and the CPSC by eliminating the risk that such information will become public knowledge. 

Also, when the CPSC receives information about a product through complaints or CPSC investigation reports concerning injuries or incidents involving a product, it will offer the company an opportunity to review such information and comment even if no FOIA request for the information has been submitted.[14] 

Although no comment is required, carefully reviewing this information and submitting meaningful comment to the CPSC when appropriate will ease the burden of commenting to future FOIA requests for the same information.

Whenever a company submits information to the CPSC pursuant to its section 15(b) reporting requirements, or in response to any opportunity to comment, it should identify the information accordingly.  This will allow the CPSC to easily identify the information as protected and thus withhold it from future disclosure without requiring further comment from the company.  

Conclusion 

The CPSC generally seeks to work with companies to ensure they are afforded the protections provided by the law, and companies can in turn assist the CPSC in identifying information exempt from disclosure. 

While the CPSC actively reviews documents prior to disclosing them in an effort to determine whether an exemption applies, a company should take advantage of every opportunity to conduct its own review to identify materials potentially exempt from disclosure. 

Being proactive and following the proper procedures when submitting information to the CPSC and commenting on information in CPSC files when the opportunity arises will enhance the likelihood that protected, sensitive information will remain protected from disclosure pursuant to a FOIA request.

[1] 15 U.S.C. § 2055.

[2] See U.S. Consumer Product Safety Commission Chief FOIA Officer Report to the Department of Justice Pursuant to Attorney General Holder's FOIA Guidelines, available at http://www.cpsc.gov/LIBRARY/ FOIA/foia033010.pdf- 26.0KB. 

[3] 16 CFR § 1015.1(b). 

[4] 15 USC § 2055(b)(1).

[5] 15 USC § 2055(a)(2). 

[6] 15 USC § 2055(a)(3). 

[7] Id. 

[8] See 16 CFR § 1101.22.

[9] 16 CFR § 1015.18(c). 

[10] 16 CFR § 1015.18(b). 

[11] See 15 USC § 2064(b).  Every manufacturer, distributor, and retailer of a product is required to immediately notify the CPSC if it obtains information which reasonably supports the conclusion that a product fails to comply with any applicable consumer product safety rule, regulation, ban, or other standard enforced by the Commission, contains a defect which could create a substantial product hazard, or creates an unreasonable risk of serious injury or death.  

[12] See 15 USC § 2064; 15 U.S.C. § 2055(b)(5).

[13] 16 CFR § 1101.63.

[14] Offers to comment under these circumstances are provided to companies according to the rules set forth in CPSA section 6. 15 USC § 2055.  

Logo Downloads