The EEOC’s harassment enforcement guidance – well worth reading, but built on a weak foundation

The EEOC has issued a guidance document spelling out its approach to taking enforcement action in harassment cases.  While this guidance reflects a regulator’s enforcement positions, they are well tied back to numerous cited cases. Taking the time to read through this extensive material can provide quite a bit of insight from the cases on what is needed to meet the standards for a defense, based on a company’s efforts to prevent and respond to harassment. I would certainly recommend to anyone practicing in this area that they read this (220 page) guidance.  

All of this starts from a basis spawned by the Supreme Court. In Faragher v. City of Boca Raton, 524 U.S. 775 (1998) and Burlington Industries, Inc. v. Ellerth, 524 U.S. 742 (1998), the Supreme Court held that companies can avoid liability for hostile environment sexual harassment if they exercised reasonable care to prevent the misconduct and the plaintiff unreasonably failed to report the concerns.  Those and subsequent cases applying the “Faragher/Ellerth” affirmative defense thus looked for reasonableness in an employer’s efforts to prevent and respond to harassment.  The compliance efforts addressed in these cases involved having a policy, providing training, having a reporting system and responding to complaints. The foundation for this was the courts considering what was “reasonable.” But what is missing from all this, and from almost everywhere in the harassment area, is a realistic sense of what is needed for an effective compliance effort.  How, in 2024, could anyone consider the anemic elements that are in this tiny list of steps, to be reasonable, diligent, or in good faith, or even meeting the standard of negligence? Harassment is one of many areas relating to compliance efforts. Yet in no other area among modern standards would what is accepted in harassment meet the minimum standards of a compliance program. 

What is missing in the harassment compliance standards?

Here are some of the points that are missing in harassment that are minimum requirements under the USSGs and are reflected in the guidance from DOJ relating to compliance and ethics programs. 

1. An empowered CECO. Someone with power/clout in charge. Why should a victim take the serious risk that comes with raising a harassment issue when the person responsible for compliance is in a weak position, subject to being easily overruled by a business manager?
2. Evaluating effectiveness. Assessing whether the program is working. Nowhere in the harassment space is there a requirement to assess whether the compliance program is working.  How could that possibly make any sense?  The current approach to harassment compliance is an invitation to take a check the box approach. 
3. Incentives. Make incentives part of the compliance program. Incentives drive behavior – why not consider that in the harassment compliance area? Where is that in the harassment standards? Non-existent. 
4. Preventing retaliation. Take steps to prevent retaliation. Of course, in the EEO caselaw a record of retaliation would excuse someone from going through the useless or dangerous task of reporting harassment.  But there is no requirement to prevent fear of retaliation, as is found in other compliance areas.
5. Discipline for management failure. The USSGs call for discipline of those who have failed to take reasonable steps to prevent or detect violations. Wouldn’t it make sense to hold managers responsible for willful blindness in the harassment area just as they would be in the compliance areas covered under the USSGs?
6. Risk assessment. Nothing in the simple harassment compliance process calls for risk assessment. Yet in other compliance areas risk assessment is considered an indispensable, minimum step.  How can a company reasonably take steps to prevent harassment or retaliation if it has not even thought about what the risks actually are in the company? 
7. Care in delegation. Item 3 of the USSGs calls for care in who you hire and promote. This would seem to be a screamingly obvious step to prevent harassment, but again there is nothing in the weak harassment compliance standards.
8. Board supervision. Under the USSGs the board would be expected to supervise the compliance program. An empowered CECO should report to the board.  Where is that in the harassment area?   
9. Auditing and monitoring. Under the USSGs companies need to audit and monitor to detect violations. Where is the audit or monitor element in harassment? 
10. Being at least as good as industry practice. Under the USSGs one test of an effective compliance program is whether it is at least as good as industry practice.  This means it is not acceptable to simply sit still and do the same things repeatedly while deliberately ignoring developments elsewhere that would be more effective.  An example of such developing practices is compliance champions, see Matt Silverman, The Champions Network (Ignite Press; 2023). The idea here is that companies have compliance presence in all their business units and locations.  This would be especially important in the harassment area where violations can occur in any part of the business.  Yet in harassment it seems to be acceptable to ignore better ideas such as regional and local compliance representatives, and simply stay with a moribund formula.
11. A culture of ethics and compliance. Companies are expected to encourage a culture of ethics and compliance. Where is culture under the harassment standards?  Not included.

Comparing these required elements in other areas to what is standard in harassment shows an astonishing absence of dedication to the task of preventing harassment.  It is as if actual thinking in this area had ceased.  A skeptic could believe that no one in government actually cares much about preventing harassment violations.  If they did why ignore established compliance standards and practices that call for much more serious and comprehensive efforts than what we see today when dealing with harassment.

Consider, for example, that in California, despite the searing lessons of #metoo, their thinking and analysis relating to harassment never got beyond requiring exactly two hours of training every two years. And other states and municipalities, supposedly responding to #metoo, elected not to spend any more time thinking about what would actually work.  Instead they simply repeated the same steps that had failed to prevent the shameful conduct that led to #metoo in the first place.

It would be ideal if modern compliance steps were accepted as a legal standard recognized by the courts in dealing with harassment compliance.  But there is another, immediate approach that the EEOC could adopt borrowing from what DOJ and other enforcers have done. Enforcement agencies have to decide which cases to pursue and where to allocate resources. Just as DOJ and other agencies do, the EEOC could decide that its exercise of discretion would be informed by the compliance diligence shown by organizations that had experienced violations. Companies that had not bothered to take serious steps to prevent violations would be subject to tougher treatment than those that had been diligent in their efforts. 

The victims of harassment deserve better than we have done so far. There already exists practical, well-developed standards for preventing unethical and illegal conduct in organizations.  Why ignore this and instead settle for outdated standards that would be considered too weak in any other area of the law?