On June 28, 2018, the U.S. Securities and Exchange Commission proposed three rule changes to the Commission’s Whistleblower Program, including one that would authorize the SEC to “downward adjust” monetary awards in large actions for which an award might “exceed an amount that is reasonably necessary to advance the program’s goals”—in the view of the Commission. The proposed change prompted an immediate response from Commissioner Kara Stein who issued a separate Statement on Proposed Amendments to the Commission’s Whistleblower Program Rules (“Statement”) in which she highlights concerns that a move towards a more subjective standard in determining monetary awards could threaten a whistleblower’s incentive to come forward, given the added uncertainty in outcome. Additionally, Stein questions whether the SEC has the statutory authority under the Dodd-Frank Act to alter the rules impacting awards in this way. Continue Reading
On June 21, 2018, the Supreme Court issued its highly anticipated opinion in Lucia v. SEC, finding that the manner in which the U.S. Securities and Exchange Commission (SEC) selects its “in-house” administrative law judges (ALJs) violates the Appointments Clause of the Constitution. In a 7-2 decision, the Court held that ALJs are “inferior officers” and must be appointed by the president or head of the agency, rather than hired by SEC staff through the civil service process. The immediate practical impact of the decision requires that petitioner Raymond Lucia be afforded a new hearing before “a properly appointed official.”
In recent years, capitalizing on what some commentators considered a “home court advantage” for enforcement actions, the SEC began favoring administrative proceedings in which agency ALJs serve as adjudicators rather than judicial proceedings in federal court. An ALJ assigned to hear an SEC enforcement action has the power to issue an initial decision containing factual findings, legal conclusions, and appropriate remedies. The Commission is not required to review the ALJ’s decision, and if it declines to review, the ALJ’s “initial” decision is deemed a final action of the Commission. In practice, most ALJ initial decisions become final without any Commission review; for example, 2016 data revealed that 90% of SEC ALJ initial decisions were not reviewed by the Commission. Continue Reading
On May 9, 2018, the Fourth Circuit Court of Appeals issued an opinion in United States v. Kolsuz, holding that the Fourth Amendment requires individualized suspicion for forensic searches of cell phones seized at the border.
In so holding, the Fourth Circuit provides important clarification about how the Fourth Amendment applies to border searches of electronic devices. But, both in the Fourth Circuit and in jurisdictions across the country, critical questions remain unanswered about the scope of the Fourth Amendment in this context.
In United States v. Kolsuz, federal customs agents found firearm parts in the checked luggage of an airport traveler and then detained him as he was attempting to board an international flight. Subsequently, and without a warrant, agents seized his cell phone and “subjected it to a month-long, off-site forensic analysis, yielding a nearly 900-page report cataloging the phone’s data.” Based in part on this information, the traveler was eventually convicted of, among other things, attempting to smuggle firearms out of the country.
On appeal of his conviction, the traveler challenged the denial of his motion to suppress the forensic analysis of his cell phone as a violation of his Fourth Amendment rights.
In addressing the issue, the Fourth Circuit acknowledged that government agents may perform “routine” searches at international borders, or their functional equivalents, without a warrant or individualized suspicion consistent with the Fourth Amendment. But, the Court recognized that even at the border certain “non-routine,” “highly intrusive” searches require individualized suspicion.
Ultimately, the court held that forensic searches of digital devices, like the one at issue in that case, qualify as such “non-routine” searches and are thus prohibited absent some level of individualized suspicion.
The Court’s holding was based, in part, upon its determination that forensic analysis of a digital device can “reveal an unparalleled breadth” of “private,” “sensitive” information. It was also based on the Supreme Court’s 2014 decision in Riley v. California, which recognized the strong privacy interests associated with electronic devices. There, the Supreme Court held that a warrant is required to search a cell phone seized incident to arrest because of the private, extensive information contained on such devices.
Notably, however, the Fourth Circuit did not decide whether the requisite level of suspicion for such forensic searches is reasonable suspicion, or something more (like a warrant supported by probable cause). It also had no occasion to decide the requisite level of suspicion for officers to conduct “manual” searches, where agents review the content of electronic devices without the help of forensic technology.
Other Case Law, Open Questions Continue Reading
Last month, a D.C. federal judge ordered the Department of Justice to turn over the names of prospective monitors nominated to oversee the corporate compliance programs of fifteen companies found to be in violation of the Foreign Corrupt Practices Act (FCPA). While recognizing that these individuals have “more than a de minimis privacy interest in their anonymity,” the court found that any such privacy interest was outweighed by the public’s interest in learning their identities.
In April 2015, journalist Dylan Tokar filed a FOIA request seeking records related to the review and selection of corporate compliance monitors in FCPA settlement agreements between DOJ and fifteen corporate defendants. Tokar, a reporter for the trade publication Just Anti-Corruption, hoped these records would shed light on the monitor selection process, including whether DOJ had been abiding by the guidelines for monitor selection set forth in its 2008 Morford Memorandum. The Memorandum, which establishes several principles to avoid potential and actual conflicts of interest and address concerns of cronyism, prescribes the consideration of “at least three qualified monitor candidates” whenever practicable. Accordingly, Tokar requested the names of the three monitor candidates and their associated firms for fifteen cases.
More than eighteen months later, DOJ provided Tokar with a table purportedly responding to his request, but redacted the names of the monitor candidates who were nominated but not selected, as well as their affiliated firms in some cases. DOJ asserted that these redactions were necessary and justified under FOIA Exemptions 6 and 7(C), which exempt from disclosure certain information that would constitute an “unwarranted invasion of personal privacy.”
After both parties cross-moved for summary judgment, the court concluded that the redactions were improper and ordered DOJ to release the candidates’ names. It found that while DOJ had demonstrated sufficient privacy interests to warrant coverage under Exemptions 6 and 7(C)—as it was “plausible that these individuals would prefer to have their consideration and ultimate non-selection withheld from the public’s view”—these interests were outweighed by the public’s interest in disclosure. The court agreed with Tokar that without disclosure of the candidates’ names, it would be “difficult (if not impossible) to know whether either the government or the corporate entity under investigation is taking advantage of the selection process in a manner that undermines the objectives of the DPA” and the principles delineated in the Morford Memorandum. Continue Reading
On February 21, 2018, in Class v. United States, the U.S. Supreme Court reaffirmed that a defendant who pleads guilty can still raise on appeal any constitutional claim that does not depend on challenging his or her “factual guilt.” The Court’s holding preserves a federal criminal defendant’s ability to challenge the constitutionality of the statute underlying his or her conviction, even in the event of a guilty plea. In other words, where the appellate claim implicates “the very power of the State” to prosecute the defendant, a guilty plea alone cannot bar it. Continue Reading
Perhaps no part of the Dodd–Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”) has garnered as much attention as its whistleblower provisions, which pay corporate whistleblowers bounties under some circumstances, and prevent employers from retaliating against whistleblowing employees. Often times, the bounties paid to whistleblowers under Dodd-Frank warrant the most attention-grabbing headlines. But Dodd-Frank’s anti-retaliation provisions—which protect employees who blow the whistle from retaliation from their employer—are just as important. After all, the chance of receiving a bounty serves as little comfort if employees fear for their jobs when reporting potential corporate wrongdoing.
But exactly which whistleblowers qualify for protection under Dodd-Frank’s anti-retaliation provisions has been a subject of much debate. By its terms, Dodd-Frank provides that an employer may not take any negative employment action against “a whistleblower.” Dodd-Frank further defines “whistleblower” as an individual who provides information relating to a violation of the securities laws to the “Commission,” i.e., directly to the SEC. By its language, then, Dodd-Frank’s anti-retaliation terms do not extend to employees who only report their concerns internally.
Nonetheless, the SEC had historically distinguished between whistleblowers eligible for a bounty and whistleblowers eligible for protection from retaliation: according to SEC’s interpretation, to be eligible for a bounty the employee must report to the SEC itself, while to be eligible for anti-retaliation protection the employee need only report internally. 17 CFR § 240.21F-2.
Whether the SEC’s interpretation comported with Dodd-Frank had split the circuit courts. The Fifth Circuit disagreed with the SEC rule, holding that to be eligible for anti-retaliation protection, the employee must report to the SEC. The Second Circuit and Ninth Circuit reached the opposite result, concluding that the SEC had it right: to be protected from retaliation, the whistleblower need not report to the SEC directly.
In Digital Realty Trust Inc. v. Paul Somers, the Supreme Court has now resolved the split, holding that, in order for an employee to gain Dodd-Frank’s whistleblower protection, they must report wrongdoing to the SEC itself. In a unanimous ruling, the Court said that it need look no further than the language of Dodd-Frank itself: the anti-retaliation term applied to “whistleblowers,” which the statute itself defined as individuals who report information to the SEC. The Court further observed that this result is consistent with the objective of Dodd-Frank’s whistleblower program: to encourage the reporting of securities law violations to the SEC itself.
At first blush, the limits put on Dodd-Frank’s anti-retaliation provisions by the Court would seem to benefit businesses, curbing the potential retaliation claims they face from employees. But the side-effects of the decision could be costly for corporations if employees are now incentivized to bring complaints directly to the SEC, rather than first reporting them internally. Even corporations with robust compliance programs could lose the opportunity to first investigate claims of potential wrongdoing before the SEC launches its own inquiry—which is often followed by costly and time-consuming shareholder litigation
Whether by corporate policy, or statutory provisions such as those implemented by the Sarbanes-Oxley Act, there are numerous other means of anti-retaliation protections for whistleblowing employees. Thus, while the Digital Realty decision may not result in a sea change for the structure of corporate compliance programs, it may well lead to an increase in whistleblowers reporting directly to the SEC. While companies wait to see whether Digital Realty has a significant impact on how employees report whistleblower concerns, they can redouble efforts to effectively implement and broadly publicize their own internal reporting programs.
There will be little debate that this has been a bad day for the state-sanctioned (and regulated) marijuana industry. The Obama-era directives that significantly fettered the discretion of U.S. attorneys to bring federal narcotics charges against marijuana growers, distributors and possessors in states that “legalized” marijuana for medicinal or recreational purposes are now a thing of the past. This change in federal enforcement approach is significant considering the fact that more than half of the states in the nation have, in one form or another, legalized marijuana, and that the marijuana industry is serviced by many banks, landlords, law firms and others. But, contrary to some initial reactions concerning the implications on states’ rights, the authors suggest that this move by Attorney General Jeff Sessions may actually signal a new era of increasingly decentralized federal law enforcement decision-making. To continue reading, click here.
As cybersecurity concerns move more companies to batten down employee use of external email accounts and other websites through blocking software and other measures, the DOJ’s recently issued FCPA Corporate Enforcement Policy—now incorporated in the U.S. Attorneys’ Manual—unequivocally states that companies seeking full cooperation credit from DOJ in FCPA cases must ensure that employees are prohibited “from using software that generates but does not appropriately retain business records or communications,” among other business-record retention measures. Even setting aside the difficulties in policing “old” technology such as personal email accounts and text messaging on employee-owned devices, the constant evolution and emergence of new electronic messaging platforms will undoubtedly create significant challenges for companies seeking to satisfy DOJ’s expectations. Continue Reading
On December 5, 2017, the U.S. Securities and Exchange Commission (SEC) issued an order awarding more than $4.1 million to a whistleblower who voluntarily provided original information to the agency concerning a widespread, multi-year securities-law violation. The award was paid pursuant to the SEC’s Whistleblower Program under the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank). While the identities of whistleblowers are kept confidential in accordance with the Program’s rules, information released by the SEC indicates that the latest payout marks the tenth award made to a whistleblower outside the U.S. A total of 50 whistleblowers have received monetary awards since the first bounty was awarded in 2012. Continue Reading
The DOJ recently took another step to encourage corporate self-disclosure for FCPA violations through the announcement of a new FCPA Enforcement Policy based on the eighteen month FCPA Pilot Program. The DOJ’s Pilot Program proved to be successful—the FCPA Unit received over 30 voluntary disclosures in the 18-month period the Pilot was in place—compared to only 18 voluntary disclosures in the previous 18-month period, according to Deputy Attorney General Rosenstein. The new Enforcement Policy contains many of the same incentives as the Pilot Program, with a few added benefits to sweeten the deal for corporations hoping to avoid hefty FCPA fines.
Presumption of Declination. Building on the cooperation credit offered under the Pilot Program—and barring aggravating circumstances—corporations will receive a presumption that the DOJ will resolve the case through a declination if they 1) voluntarily self-disclose; 2) fully cooperate; and 3) timely and appropriately remediate. The Enforcement Policy delineates the DOJ’s expectations as to each of these requirements, many of which track the Pilot Program. Evaluation of compliance programs, for example, will vary depending on the size and resources of a business and includes factors such as fostering a culture of compliance; dedicating sufficient resources to compliance activities; and ensuring that experienced compliance personnel have appropriate access to management and to the board. Continue Reading