New York City Local Law 144 (NYC Bias Audit Law) is officially in force. As of 5 July, every employer or employment agency that uses automated employment decision tools (AEDTs) in New York City is now legally bound to obtain an independent bias audit of these systems.
The audit must be repeated at least annually, and organisations that fall within the act's scope are required to post a summary of the results on their official website or in a written policy or procedure for promotion candidates. The audit must cover, at minimum, protected characteristics as outlined by the Equal Employment Commission. Companies that fail to notify candidates and employees at least 10 days in advance that they will be screened using AEDTs will also be considered non-compliant.
Motivated by a desire to increase transparency and mitigate the risk of prejudice perpetuated by AEDTs, the law imposes legal penalties on those who fail to comply, while there is also the distinct threat of reputational and operational damage.
Employers found in breach of these regulations may encounter significant fines, be subjected to potential litigation from impacted individuals, and potentially face human rights claims. Therefore, it is paramount to comprehend the associated risks and adopt a proactive stance towards guaranteeing adherence to the legislation.
As per Local Law 144, an AEDT is a system that relies on machine learning, statistical modeling, artificial intelligence, or data analytics. These systems generate simplified outputs like scores, categories, or recommendations that help significantly in making decisions related to employment.
Essentially, they supplement or even replace the need for human discretion in employment decisions, such as hiring or promoting. Any company that uses AEDTs is subject to the law.
The legislation, however, specifies that not all tools fall under this category. Tools that do not have a considerable impact on people or don't automate, back up, or majorly aid decision-making processes are not regarded as AEDTs. This can include things like spam email filters, databases, firewalls, antivirus software, calculators, and datasets.
One instance of non-compliance will land businesses with a single civil penalty, while multiple violations will see fines racked up incrementally. The penalties and terms, which are outlined under section 20-872 of Local Law 144, are as follows:
Therefore, if a company commits one default on, say, a Monday and fails to get compliant for a week, they face maximum fines of $500 for the first day and $1,500 for every day thereafter – so by Sunday, they could have racked up penalties $9000 in total for the first week of non-compliance.
The following week, every day of non-compliance comes with a maximum penalty of $1,500, so another $10,500 could potentially be added to the bill.
It is important to note that specific penalties – within the $500-1,500 threshold – would be determined by the relevant enforcement body or court. It is also unclear at this stage whether using an AEDT for multiple decisions would entail multiple penalties, in which case fines would accrue exponentially.
The law as published in the New York City code library delineates between ‘violations’ and ‘defaults’, with the latter being the failure to respond to or correct a violation. There are slight variations between the associated charges for the two offences, details of which can be found here.
The penalties for non-compliance are not limited to the financial domain. There is also the potential risk of lawsuits by individuals who believe they have been adversely impacted by a company's non-compliant use of an AEDT.
This is outlined in section 20-874 of Local Law 144, which states that "[The] provisions of this subchapter shall not be construed to limit any right of any candidate or employee for an employment decision to bring a civil action in any court of competent jurisdiction."
Depending on the specifics of the case, this could potentially result in additional financial penalties or damages. A civil lawsuit almost invariably comes with the risk of reputational damage, impacting customer trust and overall business operations.
The right to take legal action also extends into the sphere of human rights, with Local Law 144 specifying that it does not limit the authority of the Commission on Human Rights to enforce its statutes. If an employer or employment agency is, therefore, found to have violated the law's provisions, they could be subject to action from the Commission on Human Rights in addition to civil litigation.
Local Law 144 does not require systems to be bias-free – instead only that they are audited for bias – but the NYC Department for Consumer and Worker Protection will refer any claims about discrimination to the Commission on Human Rights.
Holistic AI are a governance, risk, and compliance scale-up. We were recently recognised for our work in AI auditing by CB Insights, who named us as one of the world’s most promising AI companies in their esteemed AI 100 list.
Achieve compliance with the help of an industry-leading independent auditor.
DISCLAIMER: This blog article is for informational purposes only. This blog article is not intended to, and does not, provide legal advice or a legal opinion. It is not a do-it-yourself guide to resolving legal issues or handling litigation. This blog article is not a substitute for experienced legal counsel and does not provide legal advice regarding any situation or employer.
Schedule a call with one of our experts