The past five years have seen two historic updates to longstanding regulatory regimes, both aimed at improving safety. We all want the food we eat and the products we encounter to be harmless, and the Food Safety Modernization Act and the Consumer Product Safety Improvement Act aim to make them safer.

For food and consumer product companies, however, this increased safety is accompanied by the heightened cost of regulatory compliance and risk of civil litigation. the ultimate impact of both reforms is still far from clear. Here, food safety and product liability experts break down the risks and offer their recommendations for navigating the new requirements.

The Food Safety Modernization Act

The Food Safety Modernization Act (FSMA), which became law in January 2011, is the biggest change to food safety regulation since Franklin D. Roosevelt signed the Food, Drug and Cosmetic Act in 1938. It came on the heels of a string of headline-grabbing outbreaks of foodborne illnesses: In 2006, E. coli-tainted spinach killed three people and sickened hundreds, and a Salmonella outbreak was linked to peanut butter. Salmonella sickened people across 43 states in 2008 and was linked to contaminated chili peppers, tomatoes and cilantro. And in the summer of 2010, nearly 2,000 cases of Salmonella led to a recall of hundreds of millions of eggs. 

Each of these cases and numerous similar outbreaks led the Food and Drug Administration (FDA) to identify that a problem existed and then trace it back to certain products and facilities, where investigators probed the source and cause of the contamination to prevent future outbreaks. The central goal of FSMA was to change the paradigm from reaction to prevention. 

To this end, FSMA requires facilities that manufacture, process and package food products to develop and implement food safety plans tailored to the specific risks of their products and facilities, encompassing policies and procedures to prevent contamination and other safety hazards. Processors also have to monitor their supply chains to ensure that at every step of the way, proper preventive controls are in place.

The requirement has been in place since July 2012, but the FDA has not yet issued regulations implementing the rules—in fact, the delay was the subject of a lawsuit two public interest groups filed in August 2012 seeking to force the FDA and Office of Management and Budget to enforce FSMA.

The legislation provides a framework for what companies are expected to do: conduct an analysis of reasonably foreseeable risks, implement controls to prevent those hazards, and monitor systems to ensure compliance and effectiveness and to adjust as necessary. What this entails is not new to food companies—a Hazard Analysis and Critical Control Points (HACCP) program, good manufacturing practices (GMP) and other measures are concepts well-known in the food industry, says Joseph Levitt, a partner at Hogan Lovells and the former director of the FDA’s Center for Food Safety and Applied Nutrition. 

Additionally, FSMA gives the FDA more oversight over imported food suppliers and imposes new requirements on importers, mandates more frequent and robust FDA inspections of food-processing and -handling facilities and gives the FDA mandatory recall authority. 

Wave of Litigation

Richard Morgan, managing partner at Bowman and Brooke, says he expects FSMA to contribute to rising private lawsuits against food companies and that food safety litigation is going to be “the big litigation wave of the next 10 years.”

And because FSMA contains a number of prohibitions on its requirements preempting state and local laws, Morgan says food companies are going to be more at risk than drug and device companies that can fall back on preemption. Expect lawsuits to spike when the FDA’s regulations come into effect, he says.

“The plaintiffs bar will do the usual negligence claims,” he says. “But if your paperwork [documenting safety plans and preventive controls, as FSMA requires] doesn’t match up with what the regulations require, that’s going to give them more evidence on whether there might be a strict product liability claim or whether there was a manufacturing issue, and that’s going to cause a lot of exposure for food companies. At some point, the question becomes whether [noncompliance] can be shoehorned into state consumer fraud statutes and lead to class actions.”

Enforcement Expectations

FSMA comes at an interesting time for the FDA, which has stepped up inspections and enforcement in recent years. Levitt points to warning letters based on noncompliance with GMP regulations that the FDA sends to companies not subject to HACCP regulations. Previously, the FDA viewed GMP regulations as very general and hard to enforce, but it has taken a new approach: Last year, the FDA sent almost 100 such warning letters, Levitt says. 

In addition, the FDA has been performing more frequent, targeted and rigorous inspections. In a few cases, it has gone to court seeking injunctions to force violators either to halt processing and distributing or to implement an FDA-approved HAACP plan. 

“A culture change is happening at the FDA,” Levitt says. “It has shifted toward a culture that is much more inspection-minded and enforcement-minded. … It shows how important it will be to comply with the FSMA. If the FDA is enforcing the old rules vigorously, it will likely enforce the new rules even more so.”

The Consumer Product Safety Improvement Act

Like the Food Safety Modernization Act, the Consumer Product Safety Improvement Act (CPSIA) came partly in response to widely publicized safety issues. In the case of CPSIA, which President George W. Bush signed into law in 2008, it was a deluge of children’s toy recalls, many imported from China, due to excessive levels of lead. (A lead-free toys bill was folded into the broader CPSIA.) Among its requirements was a mandatory testing and certification process for manufacturers—any party that makes, produces or assembles a product—to ensure children’s products are free of unacceptable amounts of lead or phthalates. 

On a broader level, CPSIA also updated the Consumer Product Safety Act to expand the Consumer Product Safety  Commission’s (CPSC) staff and budget, substantially increase penalties for certain violations and establish a searchable public database of consumer-submitted product hazard complaints. 

The cap on penalties for a violation of the Consumer Product Safety Act, Federal Hazardous Substances Act and Flammable Fabrics Act is now $100,000, up from $8,000; related series of violations previously were capped at just more than $1.8 million and now can reach $15 million.

Database Fears

But it’s that database that has caused perhaps the biggest concern and most headaches for product manufacturers. The Publicly Available Consumer Product Safety Information Database, which launched in March 2011 at, has been tricky for companies to navigate. Consumers can submit reports on any safety hazard they have experienced or observed in a product, and the CPSC will transmit the reports to product manufacturers or labelers. Ten days after the transmission, the reports are published to the database. Companies have a limited ability to respond to or challenge publication of the reports. 

“It’s not at all clear what type of investigation would even be allowed if there were sufficient time,” says Gary Hebert, a member in McGlinchey Stafford who practices in products liability defense. “We’ve seen [with the National Highway Traffic Safety Administration’s similar Consumer Complaint Database] that people can say just about anything in these reports, which actually has helped us: It allows us to pretty easily convince the courts that no one should be able to introduce the substance of that before juries.”

That’s a big fear of manufacturers and the defense bar: that the CPSC database provides plaintiffs lawyers with an easily accessible trove of prior incident reports to introduce as evidence in civil litigation. This leads to substantial litigation costs surrounding motion practice and hearings on the admissibility of such reports, says James Heller, chair of Cozen O’Connor’s product liability practice. “The second aspect of it is the more reports they get into evidence, the more likely a jury is going to decide on these prior incidents,” he says.

New Duty

Heller says a team of company employees, in-house lawyers and outside counsel should monitor consumer correspondence in the database, and if a trend or issue arises, they should take action immediately, including reaching out to the consumer to further investigate the report and test the consumer’s product. If plaintiffs later try to introduce reports into evidence in a trial, such groundwork will have prepared the defense team to present a set of facts showing that a report is not substantially similar to the litigation and should not be admitted.

In October 2012, a federal district judge in Maryland delivered a ruling that may give industry members some measure of comfort. In the first successful legal challenge of the database, he blocked the CPSC from publishing a report on its database, saying it would violate the Administrative Procedures Act. The unnamed company that was the subject of the report had filed a lawsuit under seal challenging publication, saying that it had provided evidence to the CPSC that the report was inaccurate but that the commission still planned to publish it.