1. Home
  2. |Insights
  3. |New York City Issues Proposed Regulations on Law Governing Automated Employment Decision Tools

New York City Issues Proposed Regulations on Law Governing Automated Employment Decision Tools

Client Alert | 4 min read | 10.14.22

On September 23, 2022, the NYC Department of Consumer Welfare and Protection (“DCWP”) issued proposed regulations clarifying Local Law 144.  Local Law 144, which is currently scheduled to go into effect January 1, 2023, prohibits the use of any automated employment decision tool (“AEDT”) unless the tool has been subject to a bias audit by an independent auditor within a year prior to the use of such tool.  The law also requires employers or employment agencies to publish the results of the bias audit, as well as to provide notice to candidates prior to the use of any AEDTs.  The proposed rules address some of the many questions left unanswered in the text of the law, including by further defining and clarifying the uses of AEDTs covered under the law and providing additional detail on the requirements of a bias audit and notice to candidates. 

Comments on the proposed regulations must be submitted to DCWP by October 24, 2022, and a public hearing will be held on that date.

Defining the Scope of Covered AEDTs

Local Law 144 defines AEDTs as computational processes “derived from machine learning, statistical modeling, data analytics, or artificial intelligence” that issue a “simplified output” (e.g. a score, classification, or recommendation), that “is used to substantially assist or replace discretionary decision making.” 

The proposed regulations define the phrase “machine learning, statistical modeling, data analytics, or artificial intelligence,” as tools that generate a prediction or classification regarding a candidate for which a computer at least in part identifies the inputs, weighs the relative importance, and refines the inputs using cross-validation or training and testing data.  The proposed regulations also clarify that an AEDT “substantially assist[s] or replace[s] discretionary decision making” when an employer solely relies upon, or weighs more heavily than any other criterion, the simplified output provided by the AEDT, or when such simplified output is used to overrule or modify conclusions derived from other factors, including human decision making. 

These definitions help to clarify some of the ambiguity as to what constitutes an AEDT under the law, making it clear that the law covers a broad swath of computer processes and tools when the output of such tools is dispositive to a hiring or promotion decision.

Requirements of a Bias Audit

The proposed regulations also clarify an employer’s obligations with regard to conducting and publishing the results of a bias audit.  First, the proposed regulations clarify that the “independent auditor” must be “a person or group that is not involved in using or developing” the AEDT.  Read literally, this clarification would mean that an employer that uses the AEDT cannot conduct the bias audit, nor could a vendor that develops the AEDT.  However, this clarification does appear to permit an employer to rely upon a bias audit conducted by a third party, perhaps even when the third-party audit result is supplied by the vendor of the AEDT.

Second, under the proposed regulations, the bias audit must calculate a “selection rate” as well as an “impact ratio” for each category required to be reported by employers on the Equal Employment Opportunity Commissioner Employer Information Report EEO-1.  This approach, according to the proposed regulations, is intended to be consistent with the approach to adverse impact that is set forth in the Uniform Guidelines on Employee Selection Procedures at the federal level.

Employers utilizing such AEDTs must make a summary of the results of such bias audit – as well as the date the audit was performed and the date the AEDT began to be used – available on the careers or jobs section of the employer’s website prior to the use of the AEDT.  The summary of the results must contain the selection rates and impact ratios for all categories.  This information must remain available for six months after the last use of the AEDT.

Notice to Candidates

Finally, the proposed regulations clarify that notice of the bias audit is only required to be provided to candidates who have applied for a specific position and not to candidates who have only expressed a generalized interest in employment.  Notice must be provided to a candidate or employee at least ten days prior to the use of an AEDT and may be provided via the careers or jobs section of the employer’s or employment agency’s website, in a job posting, or via mail or email, or, in the case of an existing employee, written notice may be provided in person.  Notice to candidates must include instructions for how to request an alternative selection process or accommodation. While the underlying law states that employers must “allow a candidate to request an alternative selection process or accommodation,” the rules do not require that an employer or employment agency provide an alternative selection process, absent any accommodation requirement, presumably under other existing law(s).

While the proposed rules are designed to provide greater clarity as to the requirements imposed on employers, there remain many areas where the requirements are ambiguous and ill-defined. In addition, some of the examples that are included in the proposed regulations, including the examples relating to bias audits, only add greater ambiguity to the statutory requirements.  We will continue to monitor the evolution of the proposed regulations and provide updates as warranted.

Insights

Client Alert | 3 min read | 12.13.24

New FTC Telemarketing Sales Rule Amendments

The Federal Trade Commission (“FTC”)  recently announced that it approved final amendments to its Telemarketing Sales Rule (“TSR”), broadening the rule’s coverage to inbound calls for technical support (“Tech Support”) services. For example, if a Tech Support company presents a pop-up alert (such as one that claims consumers’ computers or other devices are infected with malware or other problems) or uses a direct mail solicitation to induce consumers to call about Tech Support services, that conduct would violate the amended TSR. ...