November 24, 2025 • 37 mins
Constitutional law expert David Super, a professor at Georgetown Law, discusses a judge dismissing the charges against former FBI Director James Comey and New York Attorney General Letitia James. Then former federal prosecutor Stephen Frank, a partner at Quinn Emanuel, discusses a global insider trading ring that sounds like a movie script. And securities law expert James Park, a professor at UCLA Law School, discusses the SEC’s decision to drop the SolarWinds Cyberattack lawsuit. June Grasso hosts.
See omnystudio.com/listener for privacy information.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:02):
This is Bloomberg Law with June Grossel from Bloomberg Radio.
Speaker 2 (00:09):
I'm grateful that the court ended the case against me,
which was a prosecution based on malevolence and incompetence, and
a reflection of what the Department of Justice has become
under Donald Trump, which is heartbreaking. But I was also
inspired by the example of the career people who refuse
to be part of this travesty. I know that Donald
(00:30):
Trump will probably come after me again, and my attitude
is going to be the same. I'm innocent, i am
not afraid, and I believe in an independent federal judiciary.
Speaker 3 (00:41):
Former FBI Director James call Me took a victory lap
of sorts after a federal judge throughout the criminal charges
against him and New York Attorney General Letitia James, ruling
that the prosecutor who brought the cases had been illegally appointed.
Lindsay Halligan was abruptly installed as the US Attorney for
(01:02):
the Eastern District of Virginia in September after her predecessor
resigned under pressure to bring charges against Comy and James.
Federal Judge Cameron McGowan Curry concluded that the attorney General's
attempt to install Halligan as interim u S Attorney was invalid.
She dismissed the charges against Comy and James without prejudice,
(01:25):
meaning that prosecutors may be able to refile the cases.
In a statement, James said, I am heartened by today's
victory and grateful for the prayers and support I've received
from around the country. I remain fearless in the face
of these baseless charges as I continue fighting for New
Yorkers every single day. The White House says it will
(01:46):
appeal the decision. Here's Press Secretary Caroline Leavitt.
Speaker 4 (01:51):
I know there was a judge who is clearly trying
to shield Letitia James and James Comy from receiving accountability,
and that's why they this unprecedented action to throw away
the indictments against these two individuals. But the Department of
Justice will be appealing very soon. And it is our
position that Lindsay Halligan is extremely qualified for this position,
(02:12):
but more importantly, was legally appointed to it.
Speaker 3 (02:15):
Joining me is constitutional law Professor David Souper of Georgetown
Law explain why this judge, and this is the judge
from South Carolina who was just considering the Lindsay Halligan appointment,
explain why she dismissed the cases.
Speaker 5 (02:30):
She dismissed the cases against mister Cromee and Mss James
because she found that the US Attorney was not properly appointed.
And since there was no one else in the room
with the grand jury except Miss Halligan, if Miss Halligan
had no powers, then no one presented the case to
the grand jury and it has to be dismissed in
(02:53):
the judges view.
Speaker 3 (02:55):
So Attorney generals have authority to name an interim US
attorney who can serve for one hundred and twenty days.
And the judge said that that one hundred and twenty
days began when Halligan's predecessor, Eric Siebert was appointed on
January twenty first, and when the clock expired on May
twenty first, so did the Attorney general's appointment authority. Is
(03:17):
that a controversial interpretation?
Speaker 5 (03:20):
It is controversial. The statute isn't terribly well written, but
I think she follows most of the rules of statutory interpretation.
And she says, if the Attorney General can just keep
reappointing people for additional one hundred and twenty day slots,
then why would the president ever bother to go to
(03:42):
Congress for confirmations. And why has the statute even mentioned
district courts, since presumably the Attorney General would take that
power if it was there, we would never let it
fall to the district court. That's part of her reasoning.
The other part of it that I think is also
is that Congress changed this rule for about a year
(04:04):
and then went back. So Congress had an arrangement where
the Attorney General could appoint people for as long as
she wanted, and they thought about it for a year
and they said, no, thanks, we don't want any more
of that. So the judge asked, quite reasonably, if Congress
had allowed the arrangement that the Justice Department applies today
(04:27):
and they changed the law to end it, why aren't
we honoring Congress's decision.
Speaker 3 (04:32):
So there have been judges in New Jersey and in
Los Angeles who've come to the same conclusion about this
one hundred and twenty day rule. And the Alina Haba
appointment to lead the New Jersey US Attorney's Office is
before the Third Circuit. If the Third Circuit comes down
(04:53):
with a decision saying no, this is okay, you can
do this does that have any effect on what happens
here in the.
Speaker 5 (04:59):
Fourth The Third Circuit doesn't have jurisdiction over this court.
This court's appeals go to the Fourth Circuit. Obviously a
federal circuit court's views are influential. But the judge here
does not seem to think this is a close case,
and I tend to agree with her. So I think
(05:22):
even if the administration wins Alina Hobbit case, they're still
going to have a real challenge on appeal.
Speaker 3 (05:28):
In this case, the substantive issues about vindictive prosecution and
about what was said in the grand jury room by
Lindsay Halligan that are before Judge Neckmanoff. Does that go away?
Speaker 6 (05:41):
Now?
Speaker 3 (05:41):
Is that over?
Speaker 5 (05:42):
If the government agreed to drop the case, then that
stuff might be over. And on the principle that discretion
is the better part of valor, that would be the
smart thing for the administration to do. But given that
the President has been tweeting instructions to get these people
now now, now, I have trouble believing that will happen.
(06:05):
So I think that the vindictive prosecution matter is likely
to go to decision because the government will appeal this thing.
And if this decision is overturned, then whether it's a
vindictive prosecution would come to the fore again.
Speaker 3 (06:22):
So now they are going to appeal, no surprise, The
White House spokesperson said, the facts of the indictments against
Comium James have not changed, and this will not be
the final word on this matter. So let's say they
take it to the Fourth Circuit and the Fourth Circuit
could affirms what the judge ruled here, So then they
would go to the Supreme Court.
Speaker 5 (06:44):
They would, And I'm sure this judge understands that and
has peppered her opinion with citations to Justice Scalia, Justice Thomas,
Justice cour such, all the lions of conservative status, to
our interpretation. So the Supreme Court can reverse her only
(07:05):
by reversing itself.
Speaker 3 (07:07):
And I believe she also cited what was a controversial
decision by Florida Judge Eileen Cannon dismissing the classified documents
case against President Trump.
Speaker 5 (07:18):
She did, she did. I think that's a little gratuitous
and less central to us. But she's got some basic
statue totory interpretation problems here, and she is hewing very
closely to the procedures the Supreme Court has said, and
hardly takes a move without citing a Supreme Court statutetory
interpretation case. I teach statutory interpretation, and I will be
(07:43):
likely assigning this case because it's such a nice summary
of all the moves you're supposed to make.
Speaker 3 (07:50):
Next stop, fourth Circuit. I'm sure, Thanks so much, David.
That's Professor David Super of Georgetown Law coming up nixt
on the Bloomberg Law Show. A global insider trading case
that sounds like a movie script. I'm June Grosso and
you're listening to Bloomberg. The global insider trading ring allegedly
(08:12):
started at a meal at a Paris restaurant owned by
an ex Merrill Lynch investment banker, with members using burner phones,
coded language, and encrypted messaging apps to conceal its activity
and payments for insider tips being made using cash transfers,
shell companies, fake invoices, and even a plastic bag stumped
(08:34):
with one hundred thousand euros in a Vienna cafe. And
prosecutors say the ring raked in more than seventeen million
dollars from a staggering number of insider tips on more
than fifteen deal targets. My guest is former federal prosecutor
Stephen Frank, a partner at Quinn Emmanuel. This global insider
(08:56):
trading ring sounds a little like a movie script. At
some point, it does.
Speaker 1 (09:01):
Sound like a movie script, and that's because it is
a lot like a movie script.
Speaker 2 (09:04):
What this case is.
Speaker 1 (09:05):
About really is an incredibly sophisticated, long running worldwide insider
trading scheme involving insiders at a number of different companies,
and they haven't actually been charged yet, along with a
web of traders all around the world who are exchanging
(09:28):
messages and exchanging inside information in incredibly difficult to detect ways,
sometimes in person, sometimes over encrypted apps, often using burner
phones with simcards that they are swapping regularly, and laundering
the funds through complicated transactions, sometimes in cash, sometimes using
(09:53):
a variety of bank accounts, sometimes sending cash through the
mail off disguised as gifts or other types of things.
And so it's been able to survive all these years
in part because there are so many different traders involved.
(10:14):
The information is being dispersed so far and wide that
it's incredibly difficult to trace.
Speaker 3 (10:22):
Did it go for almost ten years?
Speaker 1 (10:24):
Nothing like that? I mean, it's been going for a
number of years. I think it's hard to discern exactly
how long it's been going on. We can sort of
trace when the initial contact between certain of the players happened,
but I don't think we know the initial origins of
the entire scheme.
Speaker 3 (10:40):
Were there specific types of trades that they shared inside
information on or was it a variety.
Speaker 1 (10:49):
It was a variety. It was in different industries, It
was in all different types of companies, some that trade
in the US, some that don't. And that's what also
made it so difficult to TechEd, but also kind of
what gives it away, right, It's clear that there is
no one insider at any one company who's sharing this information.
(11:09):
It's clear that there are insiders at a variety of
different companies who are sharing information. That's almost unprecedented in
these types of schemes. You know, insider trading traditionally was
you know, a tip passed, you know, over a glass
of wine or a beer at a country club or
on a golf course in a single company at a
(11:30):
single time. It's unusual to have cases that where there's
different iterations of information being passed over time. It's still
far more unusual to have so many different companies where
information is being passed, and over such an extended period
of time, with so many different traders involved. That's what's
really quite fascinating about this scheme.
Speaker 3 (11:52):
Is there any indication how the authorities first got wind.
Speaker 1 (11:56):
Of this, Well, I should say I was involved in
the original invest mitigation and then handed it off when
I left the government to go into private practice. So
the way that the authorities first got involved in this
sort of first figured out that something was amiss is
simply by seeing the repeated trading in certain companies. There
(12:18):
was one company in particular where various subsidiaries of the
company were involved in transactions over time, and there was
trading ahead of those transactions that was suspicious. But really
what happened was you had certain individuals who kept popping
up on the radar of law enforcement and of international
(12:39):
securities regulators, and law enforcement and regulators looked closely at
those individuals, looked closely at their transactions, their financial transactions,
and put this together over many years of investigation, through
just painstaking investigative work. I mean, the amount of investigation
that goes into an indictment like this is pretty incredible,
(13:01):
and it involves sophisticated techniques like you know, search warrants
for electronic accounts or email accounts, for Facebook accounts, for
iCloud accounts, and then sifting through all of that information
in a painstaking way, much of it not in English,
(13:22):
and putting little little pieces together over time. But it
was really the result of incredible collaboration between US law
enforcement and regulators in the United States, as well as
regulators in law enforcement in England, in France, and in
other countries.
Speaker 3 (13:39):
So I was going to ask, you know, how much
that complicates the investigation when you're dealing, you know, with
other countries and with things happening abroad.
Speaker 1 (13:50):
It makes it incredibly complicated. And that's why these schemes
are able to persist because they know that and they
take advantage of that. No one country can put a
case like this together all by itself. It really requires
collaboration among different law enforcement and regulatory authorities with different mandates,
different evidentiary rules, different procedural rules, and then figuring out
(14:15):
how to share that information in ways that it can
be used by different countries. I mean, even just the
fact that there are different time zones involved makes things
complicated and really requires people to work off hours, to
work around the clock, to travel internationally just to gather
the bits and pieces of evidence that's required to put
a case like this together. It's extremely complicated.
Speaker 3 (14:38):
Is there competition I read that French investigators have been
conducting a parallel investigation for years. Is there competition among
the regulators of the different countries to bring the indictments first.
Speaker 1 (14:53):
That's a great question. There is some of that, and
there's certainly a desire by regular in law enforcement in
each country to be the first to put the biggest
case together. But ultimately there's also a recognition that this
is a big enough scheme, it's sprawling enough that there's
something in it for everybody, and there's more than any
(15:14):
one country can do on its own. So it's ultimately
figuring out what makes the most sense in dividing up
the pie. One of the things that US law enforcement
has as an advantage is that sentencing here for these
types of crimes is substantially greater than it is in
(15:35):
most other countries, and in Europe in particular, and so
ultimately what all regulators, whatever country they're in, want to
do is take down these types of schemes that are
really taking advantage of innocent investors and making markets an
unlevel playing field, right, I mean, ultimately, if investors don't
(15:56):
have confidence in the securities markets, they're not going to invest.
And that's true in the United States, but it's also
true in France, and it's also true in England. So ultimately,
their regulators realize that if they're able to cooperate and
come down with a heavy hand on schemes like this
and make it clear that however much profit insider trading
might generate in the short term, in the long run,
(16:17):
it's going to put you behind bars for an extended
period of time. That's in everybody's best interest because that
protects markets here, but it also protects markets over there.
Speaker 3 (16:25):
When administrations change and priorities of administrations change in enforcement actions,
do some investigations fall by the wayside? And why did
this one not fall by the wayside?
Speaker 1 (16:40):
Well, a couple of things. I'll say this one was
in a pretty advanced state by the time the administrations
changed over. But also it's pretty clear that in this administration,
as in past administrations, securities fraud and insider trading remains
a point of focus. So if you look at the
statistics over the past year of this administration. What you'll
(17:05):
see is that while white collar crime enforcement in general
is down, there are fewer cases being brought, and on
the sec side as well, there are fewer enforcement actions
being brought, particularly against corporate actors, securities fraud, and in particular,
insider trading cases have held steady and perhaps even trended
(17:28):
up a little bit. And that's because I think Chairman
Atkins and others in the administration see crimes against the
markets and crimes against individual investors as crimes they really
need to pursue because of the reasons I just said,
because it undermines confidence in the markets. And one thing
that this administration has in common with prior administrations is
(17:49):
they want the markets to remain strong in investors to
have confidence in them. And that's why we've seen pretty
rigorous enforcement and a number of cases being brought against
insider trading schemes over the past year. And not every scheme, obviously,
is as complicated as this one. This one is really
unprecedented in its sweep and sophistication, but we've seen cases
(18:12):
across the United States really against just ordinary insider trading schemes,
the types of one off schemes. I was talking about
a moment ago where information is being passed on a
cocktail mapkin across the bar, or even insiders trading in
their own companies, which is the least sophisticated kind of scheme.
Finding out information that's not public that can move a
(18:34):
stock in your own company and trading on it, either
in your own account or in the account of a
friend or a relative. Those are relatively easy to discover,
and they're surprisingly commonplace.
Speaker 3 (18:43):
It sounds like this might be a tough case to
try to put this all together for a jury. What
do you think is the strongest evidence that the prosecution has.
Speaker 1 (18:54):
Well, if you read the superseding indictment in this case,
the prosecution has really put together a pretty compelling case,
replete with very devastating text messages, really text messages that
are going to be difficult for the defendants to explain,
in which they're speaking in code, but it's a barely
disguised code. They're talking about swapping phones and sin cards
(19:19):
as socks and shoes. They're talking about money as greens.
They talk about financial transactions sometimes as meat put in
a refrigerator. It's almost comical the way that they use
this code. But ultimately, when you put all of these
conversations together, it really becomes pretty compelling. And then when
(19:40):
you combine those with the cash, the financial transactions, and
the stock trading, it really becomes overwhelming. What's interesting about
this indictment is it was unsealed even though many of
these players have not yet been arrested. So one individual
was arrested and extradited to the United States, and other
individuals in Singapore and is fighting extra edition. Other individuals
(20:01):
have been charged and named but not yet arrested or
extradited into the United States. Now those individuals are going
to find their ability to travel freely severely constrained, and
many of them probably will be picked up over time.
But that doesn't mean that the evidence about them doesn't
come in. Because this is charged as a conspiracy, and
(20:21):
in the US legal system, evidence of communications among conspirators
in furtherance of a conspiratorial aim can all come in.
So all of this evidence about all of the different
players in this conspiracy is going to be admissible for
prosecutors if and when this proceeds to trial.
Speaker 3 (20:38):
The prosecution has a cooperator. How important is his testimony.
Speaker 1 (20:43):
It's always important, particularly when you have these types of
coded communications or a cooperating witness, to be able to
get up on the stand and say, this is what
we were talking about, this is the terminology that we used.
These are the types of techniques that we used to
hide our communmunications make them more difficult to discover. The
most compelling thing, though, about any cooperating witness is the
(21:05):
fact that he's going to get up there in all
likelihood and say I committed this crime. I was a
part of this scheme, this was a conspiracy, and the
defendant was in it with me. That's really devastating evidence
that's very difficult to undermine, particularly when that individual has
accepted responsibility for their own collaps.
Speaker 3 (21:24):
Do you envision the prosecution sort of presenting this like
a movie, like here we are at the French restaurant
and blah blah, blah blah blah.
Speaker 1 (21:33):
It is pretty cinematic. So if they're smart about it,
and they are, and I'm sure they'll do this, they
will present it in that way. They will have First
of all, these communications are so devastating, they're going to
be put up on a screen and even though there's
no audio in these communications, there wasn't a wiretap involved
in this case, you'll nevertheless be able to see these
communications and play out these transactions almost in real time,
(21:56):
and then you'll have it narrated by somebody like this
coper O breading witness who's going to be able to
say I was there and I was passing this cash,
you know, in a paper bag or whatever the case
may be, and it's really captivating for jurors. I've been
on cases similar to this before where jurors have said
afterwards that they were really just so enthralled by the
(22:18):
presentation of the evidence, because it really is even though
these are just financial transactions, the level of greed involved
and the lengths that people will go to to disguise
these transactions is pretty incredible.
Speaker 3 (22:32):
You're a prosecutor for a long time. Now you're on
the other side. I mean, do you see a possible
defense here.
Speaker 1 (22:39):
It's going to be interesting. I mean, I think any
defense attorney is going to, you know, do some basic things.
One is you're going to try and keep out as
much evidence as you possibly can, right go after the
search warrants and try to figure out some way legal
or otherwise that they are invalid. Another thing is, obviously,
you know, a top the cooperating witness, try to undermine
(22:59):
the cutibility of the cooperator and suggest that they're doing
it really to obtain leniency in their own sentencing, but
that they are really just telling a story that the
prosecution wants them to tell. Another piece of it is
to point to the empty chair right to say that
there are all these other players involved, but where are
they and try and undermine the case that way. But
(23:20):
when you have a case that's been put together over
years with as much evidence as it appears the prosecutors
have in this case, it's tough. And sometimes defendants take
their shot because they figure they have nothing to lose,
But other times they try to work out a deal.
And no doubt, given the number of people who still
haven't been apprehended, and the number of others who are
(23:42):
undoubtedly involved in the scheme and haven't even been charged,
including the insiders at some of these companies, there's going
to be a real incentive as the trial data approaches
for some of these people to flip themselves and try
and work out a deal for themselves.
Speaker 3 (23:56):
It seems like this would be a great trial to watch.
Speaker 1 (23:59):
It's a really cool case. It's a pretty unprecedented case.
It's unusual for a case like this to be brought
in a place like Boston, which isn't you know, as
big a financial center as New York or even San Francisco.
But it's really a testament to the work of you know,
individual prosecutors and FBI agents and folks at the SEC
to put a case like this together. I mean that
(24:19):
the amount of work is really it's not apparent at
the first glance, but it really it's literally years of work.
Speaker 3 (24:25):
It's been a fascinating conversation. Thanks so much. That's former
federal prosecutor Stephen Frank, a partner at Quinn Emmanuel. The
Securities and Exchange Commission is dropping its landmark lawsuit against
Solar Winds that accuse the company of covering up internal
problems ahead of a massive cyber attack. The agency said
(24:48):
the decision to seek dismissal is quote in the exercise
of its discretion and does not necessarily reflect the Commission's
position on any other case. The move 's a controversial
case for the SEC, which faced criticism from Wall Street
and beyond that it's allegations against Solar Winds went far
(25:09):
afield of the agency's typical enforcement remit. My guest is
securities law expert James Park, a professor at UCLA Law School.
Jim tell us about the SEC suit.
Speaker 7 (25:21):
This is a major cybersecurity disclosure case involving a company
in Austin that developed network monitoring software, basically software that
you use to monitor the performance of your network. And obviously,
for software like this, you know, cybersecurity is very important
(25:44):
because somebody could come in and see everything that's going
on in your network. And they have a major cyber
attack on something called the Orian software platform that generated
almost half of their revenue. Their stock price goes down,
and then the SEC brings a case saying that various
(26:06):
disclosures they made with respect to their cybersecurity practices were
materially misleading. That was litigated by the company, which does
not always happen. A lot of defendants settle SEC cases
rather than pursue dismissal, but they litigated in the Southern
(26:26):
District of New York. Judge Engelmeyer dismissed part of the
SEC's claims, not all of them, but some of them.
I mean, this was about a year or so ago,
and then we just got news last week that the
SEC has chosen not to go forward with the case.
Speaker 3 (26:42):
I mean, did this case diverge in any way from
a normal or the usual SEC enforcement actions.
Speaker 7 (26:50):
One way it diverged, I think is the defendant litigated
the case. And you know, another is that you know,
when you bring a major case like this, you usually
pursue it to the end, and I think that's usually
the practice with the SEC. Even when the administration changes,
you have enforcement cases that often are left over from
(27:13):
prior years because they take a long time to resolve,
and then you know, the enforcement staff is they continue
to litigate those cases, even if there might be some
disagreement with the new commission.
Speaker 6 (27:25):
And so it is a bit unusual.
Speaker 7 (27:28):
They're not unprecedented for the SEC to stop pursuing a case.
Of course, this did happen as well with the various
crypto enforcement cases. So for this SEC, it's not unprecedented.
For prior secs, I think it's unusual. I think that
would be fair to say.
Speaker 3 (27:44):
And also, is it the first time they suit a
computer security executive for a cybersecurity related issue? That companies
said that they were trying to expand their turf.
Speaker 7 (27:56):
That is unusual, right the chief Information Security office, sir,
who you know, it's not the CEO, it's not the
chief financial officer. And I don't know if they've ever
sued a chief information security officer before, but this is
certainly something that was relatively new. And so that was
another interesting aspect.
Speaker 6 (28:16):
Of the case.
Speaker 3 (28:18):
Why did the judge dismiss a lot of the case.
Speaker 7 (28:21):
You know, I think one reason was that the statements,
some of the statements the SEC alleged were misleading. Were
these broad statements about there's a risk of cybersecurity breach,
and these are the types of disclosures.
Speaker 6 (28:40):
That are made by a lot of companies. And what
the SEC was saying is that the reason.
Speaker 7 (28:46):
Those generic disclosures were misleading is that they were never
really updated even when it became clear to the company
that its cybersecurity was insufficient.
Speaker 6 (28:59):
And so the SEC was saying that you.
Speaker 7 (29:02):
Basically were putting out this generic disclosure to keep investors satisfied,
but you are not updating it when new developments came
along and investors would want you to update those risk disclosures.
And really, what the judge said as well, the risk disclosures.
(29:22):
They were enough to tell the investors that this was
a type of risk, and investors they understand that companies
talk in generalities like this. There's a doctrine called the
Puffrey doctrine where everyone understands companies are always going to
try to put a rosy tone on things, and they
(29:44):
speak in a very optimistic way. So they do this,
and investors know this, and they know that they shouldn't
trust these broad statements on face value, and so that
was the main reason a good chunk of the case
was dismissed. Now, there were statements that were more pacific
that were published on the company's website, which the judge
said could proceed. The claims could proceed because they made
(30:07):
much more specific statements that the company was using strong cybersecurity,
that they had gone through a rigorous development process, that
they were very sort of diligent in evaluating their internal
cybersecurity controls, and those statements might have been misleading.
Speaker 6 (30:25):
According to Judge.
Speaker 3 (30:27):
Ingle Meyer, what do you think the SEC caved here?
Speaker 7 (30:30):
I think that cybersecurity has been controversial in terms of
whether this is an area where the SEC should be
significantly involved, and it's only been fairly recently that we
think of cybersecurity as something that the high level managers
of the company must be really vigilant about. You know,
(30:55):
I think there was a time when we thought of
cybersecurity issues as being you know, this is what the
IT department is responsible for. It's not something that the
board really should be knowledgeable about, because the board quite
frankly doesn't have the expertise in evaluating a company cybersecurity.
Speaker 6 (31:10):
And so there's been a big shift.
Speaker 7 (31:12):
Though to require disclosure about cybersecurity and to require the
board to evaluate the adequacy of cybersecurity. I think that's
been controversial, although I think it still is an expectation.
And you know, in addition to cybersecurity efforts being generally controversial,
(31:32):
I think enforcement relating to cybersecurity disclosures might have been
even more controversial because the critics would say, you know, basically,
this is a company that was a victim of a
cyber attack, and so they were victims, and now you're
saying that they should also pay for misleading investors, and
(31:52):
so there might be something off putting or problematic about
saying that, well, you are the victim of the cyber attack,
plus you also have to pay money to your investors
because you didn't stop it. I think that's kind of
the argument here, is that you know, it's almost punishing
you twice for being the victim of a cyber attech. Now,
(32:13):
on the other hand, you could say, well, this is
a company with cyber security matters a lot, and so
they should have made more timely disclosures. That's the argument
on the other side. But I think that maybe what
the SEC was thinking here is that we want to
pull back a bit on cybersecurity enforcement.
Speaker 3 (32:29):
So officially, the SEC said that the decision to seek
dismissal is in the exercise of its discretion, does not
necessarily reflect the Commission's position on any other case. I mean,
do you think the SEC intends to continue to focus
on cybersecurity or this case says no.
Speaker 7 (32:50):
Well it's a powerful statement, but I think the SEC
maybe leaving some room to change its mind. And you know,
if they're maybe there are a better set of facts
around that they might find. And so I think they
are leaving open the option to bring enforcement cases and
(33:10):
they're not saying that. You know that you can't sort
of violate security sprout provisions through misstatements about cybersecurity. But
I think they're saying, in this case, maybe the case
was not as strong as it as it could have been.
And I think it's a powerful signal with respect to
this particular SEC.
Speaker 3 (33:29):
I guess chief information security officers are breathing a sigh
of relief with this because it would have meant personal liability.
Speaker 7 (33:38):
Yeah, I think I think that's right. I think they're there.
Definitely is potential for liability. You know, of course, if
they settle the you know, the payment may be covered
by an insurance policy. But it's never easy when you
are specifically named in a complaint, and you know, I
think if you're the CFO, you fully understand that this
(34:02):
is something that could happen. Chief information security officer, maybe not,
but you know. This also speaks though to the difficulty
of bringing cases against individual corporate officers, which the SEC
says it wants to do more of. But you know,
when you single out a particular individual, there is sometimes
(34:22):
a question of is it fair to put so much
blame on a single person when you know it might
have been more of a systematic problem at the corporation
that the high level officer may not have really had
complete control over. So I think that's an interesting point,
is that in some ways this kind of acknowledges that
it's actually really hard to build cases against individuals, and
(34:46):
sometimes it may you may see them unfair.
Speaker 3 (34:48):
Any final thoughts, Jim, I.
Speaker 7 (34:50):
Think you might think of these cybersecurity cases as just
another form of a type of case at commonly brought,
which is that you know there's some business development that
the company knows about some business failure. You know, we
have a product we thought was going to be great,
but we know it's going to be delayed a long time,
(35:13):
it has a lot of flaws in it, and you
know we we don't tell investors. I think it's fairly
clear now, based on you know, thirty forty years of
case law, that lying about business developments can violate securities
fraud laws. And you know, there's an argument that if
you are lying about the strength of your cybersecurity controls,
(35:37):
that that's not all that different, right, because you know,
it's not a business failure, but it is a failure
in what you're supposed to be doing to protect your customers,
to protect investors, And so these disclosures can be important.
Speaker 6 (35:53):
And I don't think.
Speaker 7 (35:54):
The SEC's direction in this was completely unfounded because I think,
you know, just closures in business practices relating to treatment
of customers and so forth are pretty relevant to what
investors are looking at for companies like this. I do
agree though, that, you know, it is difficult to sort
of determine, you know, when exactly was it clear that
(36:18):
they were engaging in really really risky behaviors that were
so far below the industry norm that we would want
them to be accountable for not saying more about their
vulnerability to a cyber attech. I think that's a really
difficult question to answer as well.
Speaker 3 (36:33):
Thanks so much, Jim. As always, that's Professor James Park
of UCLA Law School. And that's it for this edition
of The Bloomberg Law Show. Remember you can always get
the latest legal news on our Bloomberg Law Podcast. You
can find them on Apple Podcasts, Spotify, and at www
dot Bloomberg dot com, slash podcast Slash Law, And remember
(36:54):
to tune into The Bloomberg Law Show every weeknight at
ten pm Wall Street Time. I'm Jamie Grosso, and you're
listening to Bloomberg MHM.
This is Bloomberg Law with June Grossel from Bloomberg Radio.
Speaker 2 (00:09):
I'm grateful that the court ended the case against me,
which was a prosecution based on malevolence and incompetence, and
a reflection of what the Department of Justice has become
under Donald Trump, which is heartbreaking. But I was also
inspired by the example of the career people who refuse
to be part of this travesty. I know that Donald
(00:30):
Trump will probably come after me again, and my attitude
is going to be the same. I'm innocent, i am
not afraid, and I believe in an independent federal judiciary.
Speaker 3 (00:41):
Former FBI Director James call Me took a victory lap
of sorts after a federal judge throughout the criminal charges
against him and New York Attorney General Letitia James, ruling
that the prosecutor who brought the cases had been illegally appointed.
Lindsay Halligan was abruptly installed as the US Attorney for
(01:02):
the Eastern District of Virginia in September after her predecessor
resigned under pressure to bring charges against Comy and James.
Federal Judge Cameron McGowan Curry concluded that the attorney General's
attempt to install Halligan as interim u S Attorney was invalid.
She dismissed the charges against Comy and James without prejudice,
(01:25):
meaning that prosecutors may be able to refile the cases.
In a statement, James said, I am heartened by today's
victory and grateful for the prayers and support I've received
from around the country. I remain fearless in the face
of these baseless charges as I continue fighting for New
Yorkers every single day. The White House says it will
(01:46):
appeal the decision. Here's Press Secretary Caroline Leavitt.
Speaker 4 (01:51):
I know there was a judge who is clearly trying
to shield Letitia James and James Comy from receiving accountability,
and that's why they this unprecedented action to throw away
the indictments against these two individuals. But the Department of
Justice will be appealing very soon. And it is our
position that Lindsay Halligan is extremely qualified for this position,
(02:12):
but more importantly, was legally appointed to it.
Speaker 3 (02:15):
Joining me is constitutional law Professor David Souper of Georgetown
Law explain why this judge, and this is the judge
from South Carolina who was just considering the Lindsay Halligan appointment,
explain why she dismissed the cases.
Speaker 5 (02:30):
She dismissed the cases against mister Cromee and Mss James
because she found that the US Attorney was not properly appointed.
And since there was no one else in the room
with the grand jury except Miss Halligan, if Miss Halligan
had no powers, then no one presented the case to
the grand jury and it has to be dismissed in
(02:53):
the judges view.
Speaker 3 (02:55):
So Attorney generals have authority to name an interim US
attorney who can serve for one hundred and twenty days.
And the judge said that that one hundred and twenty
days began when Halligan's predecessor, Eric Siebert was appointed on
January twenty first, and when the clock expired on May
twenty first, so did the Attorney general's appointment authority. Is
(03:17):
that a controversial interpretation?
Speaker 5 (03:20):
It is controversial. The statute isn't terribly well written, but
I think she follows most of the rules of statutory interpretation.
And she says, if the Attorney General can just keep
reappointing people for additional one hundred and twenty day slots,
then why would the president ever bother to go to
(03:42):
Congress for confirmations. And why has the statute even mentioned
district courts, since presumably the Attorney General would take that
power if it was there, we would never let it
fall to the district court. That's part of her reasoning.
The other part of it that I think is also
is that Congress changed this rule for about a year
(04:04):
and then went back. So Congress had an arrangement where
the Attorney General could appoint people for as long as
she wanted, and they thought about it for a year
and they said, no, thanks, we don't want any more
of that. So the judge asked, quite reasonably, if Congress
had allowed the arrangement that the Justice Department applies today
(04:27):
and they changed the law to end it, why aren't
we honoring Congress's decision.
Speaker 3 (04:32):
So there have been judges in New Jersey and in
Los Angeles who've come to the same conclusion about this
one hundred and twenty day rule. And the Alina Haba
appointment to lead the New Jersey US Attorney's Office is
before the Third Circuit. If the Third Circuit comes down
(04:53):
with a decision saying no, this is okay, you can
do this does that have any effect on what happens
here in the.
Speaker 5 (04:59):
Fourth The Third Circuit doesn't have jurisdiction over this court.
This court's appeals go to the Fourth Circuit. Obviously a
federal circuit court's views are influential. But the judge here
does not seem to think this is a close case,
and I tend to agree with her. So I think
(05:22):
even if the administration wins Alina Hobbit case, they're still
going to have a real challenge on appeal.
Speaker 3 (05:28):
In this case, the substantive issues about vindictive prosecution and
about what was said in the grand jury room by
Lindsay Halligan that are before Judge Neckmanoff. Does that go away?
Speaker 6 (05:41):
Now?
Speaker 3 (05:41):
Is that over?
Speaker 5 (05:42):
If the government agreed to drop the case, then that
stuff might be over. And on the principle that discretion
is the better part of valor, that would be the
smart thing for the administration to do. But given that
the President has been tweeting instructions to get these people
now now, now, I have trouble believing that will happen.
(06:05):
So I think that the vindictive prosecution matter is likely
to go to decision because the government will appeal this thing.
And if this decision is overturned, then whether it's a
vindictive prosecution would come to the fore again.
Speaker 3 (06:22):
So now they are going to appeal, no surprise, The
White House spokesperson said, the facts of the indictments against
Comium James have not changed, and this will not be
the final word on this matter. So let's say they
take it to the Fourth Circuit and the Fourth Circuit
could affirms what the judge ruled here, So then they
would go to the Supreme Court.
Speaker 5 (06:44):
They would, And I'm sure this judge understands that and
has peppered her opinion with citations to Justice Scalia, Justice Thomas,
Justice cour such, all the lions of conservative status, to
our interpretation. So the Supreme Court can reverse her only
(07:05):
by reversing itself.
Speaker 3 (07:07):
And I believe she also cited what was a controversial
decision by Florida Judge Eileen Cannon dismissing the classified documents
case against President Trump.
Speaker 5 (07:18):
She did, she did. I think that's a little gratuitous
and less central to us. But she's got some basic
statue totory interpretation problems here, and she is hewing very
closely to the procedures the Supreme Court has said, and
hardly takes a move without citing a Supreme Court statutetory
interpretation case. I teach statutory interpretation, and I will be
(07:43):
likely assigning this case because it's such a nice summary
of all the moves you're supposed to make.
Speaker 3 (07:50):
Next stop, fourth Circuit. I'm sure, Thanks so much, David.
That's Professor David Super of Georgetown Law coming up nixt
on the Bloomberg Law Show. A global insider trading case
that sounds like a movie script. I'm June Grosso and
you're listening to Bloomberg. The global insider trading ring allegedly
(08:12):
started at a meal at a Paris restaurant owned by
an ex Merrill Lynch investment banker, with members using burner phones,
coded language, and encrypted messaging apps to conceal its activity
and payments for insider tips being made using cash transfers,
shell companies, fake invoices, and even a plastic bag stumped
(08:34):
with one hundred thousand euros in a Vienna cafe. And
prosecutors say the ring raked in more than seventeen million
dollars from a staggering number of insider tips on more
than fifteen deal targets. My guest is former federal prosecutor
Stephen Frank, a partner at Quinn Emmanuel. This global insider
(08:56):
trading ring sounds a little like a movie script. At
some point, it does.
Speaker 1 (09:01):
Sound like a movie script, and that's because it is
a lot like a movie script.
Speaker 2 (09:04):
What this case is.
Speaker 1 (09:05):
About really is an incredibly sophisticated, long running worldwide insider
trading scheme involving insiders at a number of different companies,
and they haven't actually been charged yet, along with a
web of traders all around the world who are exchanging
(09:28):
messages and exchanging inside information in incredibly difficult to detect ways,
sometimes in person, sometimes over encrypted apps, often using burner
phones with simcards that they are swapping regularly, and laundering
the funds through complicated transactions, sometimes in cash, sometimes using
(09:53):
a variety of bank accounts, sometimes sending cash through the
mail off disguised as gifts or other types of things.
And so it's been able to survive all these years
in part because there are so many different traders involved.
(10:14):
The information is being dispersed so far and wide that
it's incredibly difficult to trace.
Speaker 3 (10:22):
Did it go for almost ten years?
Speaker 1 (10:24):
Nothing like that? I mean, it's been going for a
number of years. I think it's hard to discern exactly
how long it's been going on. We can sort of
trace when the initial contact between certain of the players happened,
but I don't think we know the initial origins of
the entire scheme.
Speaker 3 (10:40):
Were there specific types of trades that they shared inside
information on or was it a variety.
Speaker 1 (10:49):
It was a variety. It was in different industries, It
was in all different types of companies, some that trade
in the US, some that don't. And that's what also
made it so difficult to TechEd, but also kind of
what gives it away, right, It's clear that there is
no one insider at any one company who's sharing this information.
(11:09):
It's clear that there are insiders at a variety of
different companies who are sharing information. That's almost unprecedented in
these types of schemes. You know, insider trading traditionally was
you know, a tip passed, you know, over a glass
of wine or a beer at a country club or
on a golf course in a single company at a
(11:30):
single time. It's unusual to have cases that where there's
different iterations of information being passed over time. It's still
far more unusual to have so many different companies where
information is being passed, and over such an extended period
of time, with so many different traders involved. That's what's
really quite fascinating about this scheme.
Speaker 3 (11:52):
Is there any indication how the authorities first got wind.
Speaker 1 (11:56):
Of this, Well, I should say I was involved in
the original invest mitigation and then handed it off when
I left the government to go into private practice. So
the way that the authorities first got involved in this
sort of first figured out that something was amiss is
simply by seeing the repeated trading in certain companies. There
(12:18):
was one company in particular where various subsidiaries of the
company were involved in transactions over time, and there was
trading ahead of those transactions that was suspicious. But really
what happened was you had certain individuals who kept popping
up on the radar of law enforcement and of international
(12:39):
securities regulators, and law enforcement and regulators looked closely at
those individuals, looked closely at their transactions, their financial transactions,
and put this together over many years of investigation, through
just painstaking investigative work. I mean, the amount of investigation
that goes into an indictment like this is pretty incredible,
(13:01):
and it involves sophisticated techniques like you know, search warrants
for electronic accounts or email accounts, for Facebook accounts, for
iCloud accounts, and then sifting through all of that information
in a painstaking way, much of it not in English,
(13:22):
and putting little little pieces together over time. But it
was really the result of incredible collaboration between US law
enforcement and regulators in the United States, as well as
regulators in law enforcement in England, in France, and in
other countries.
Speaker 3 (13:39):
So I was going to ask, you know, how much
that complicates the investigation when you're dealing, you know, with
other countries and with things happening abroad.
Speaker 1 (13:50):
It makes it incredibly complicated. And that's why these schemes
are able to persist because they know that and they
take advantage of that. No one country can put a
case like this together all by itself. It really requires
collaboration among different law enforcement and regulatory authorities with different mandates,
different evidentiary rules, different procedural rules, and then figuring out
(14:15):
how to share that information in ways that it can
be used by different countries. I mean, even just the
fact that there are different time zones involved makes things
complicated and really requires people to work off hours, to
work around the clock, to travel internationally just to gather
the bits and pieces of evidence that's required to put
a case like this together. It's extremely complicated.
Speaker 3 (14:38):
Is there competition I read that French investigators have been
conducting a parallel investigation for years. Is there competition among
the regulators of the different countries to bring the indictments first.
Speaker 1 (14:53):
That's a great question. There is some of that, and
there's certainly a desire by regular in law enforcement in
each country to be the first to put the biggest
case together. But ultimately there's also a recognition that this
is a big enough scheme, it's sprawling enough that there's
something in it for everybody, and there's more than any
(15:14):
one country can do on its own. So it's ultimately
figuring out what makes the most sense in dividing up
the pie. One of the things that US law enforcement
has as an advantage is that sentencing here for these
types of crimes is substantially greater than it is in
(15:35):
most other countries, and in Europe in particular, and so
ultimately what all regulators, whatever country they're in, want to
do is take down these types of schemes that are
really taking advantage of innocent investors and making markets an
unlevel playing field, right, I mean, ultimately, if investors don't
(15:56):
have confidence in the securities markets, they're not going to invest.
And that's true in the United States, but it's also
true in France, and it's also true in England. So ultimately,
their regulators realize that if they're able to cooperate and
come down with a heavy hand on schemes like this
and make it clear that however much profit insider trading
might generate in the short term, in the long run,
(16:17):
it's going to put you behind bars for an extended
period of time. That's in everybody's best interest because that
protects markets here, but it also protects markets over there.
Speaker 3 (16:25):
When administrations change and priorities of administrations change in enforcement actions,
do some investigations fall by the wayside? And why did
this one not fall by the wayside?
Speaker 1 (16:40):
Well, a couple of things. I'll say this one was
in a pretty advanced state by the time the administrations
changed over. But also it's pretty clear that in this administration,
as in past administrations, securities fraud and insider trading remains
a point of focus. So if you look at the
statistics over the past year of this administration. What you'll
(17:05):
see is that while white collar crime enforcement in general
is down, there are fewer cases being brought, and on
the sec side as well, there are fewer enforcement actions
being brought, particularly against corporate actors, securities fraud, and in particular,
insider trading cases have held steady and perhaps even trended
(17:28):
up a little bit. And that's because I think Chairman
Atkins and others in the administration see crimes against the
markets and crimes against individual investors as crimes they really
need to pursue because of the reasons I just said,
because it undermines confidence in the markets. And one thing
that this administration has in common with prior administrations is
(17:49):
they want the markets to remain strong in investors to
have confidence in them. And that's why we've seen pretty
rigorous enforcement and a number of cases being brought against
insider trading schemes over the past year. And not every scheme, obviously,
is as complicated as this one. This one is really
unprecedented in its sweep and sophistication, but we've seen cases
(18:12):
across the United States really against just ordinary insider trading schemes,
the types of one off schemes. I was talking about
a moment ago where information is being passed on a
cocktail mapkin across the bar, or even insiders trading in
their own companies, which is the least sophisticated kind of scheme.
Finding out information that's not public that can move a
(18:34):
stock in your own company and trading on it, either
in your own account or in the account of a
friend or a relative. Those are relatively easy to discover,
and they're surprisingly commonplace.
Speaker 3 (18:43):
It sounds like this might be a tough case to
try to put this all together for a jury. What
do you think is the strongest evidence that the prosecution has.
Speaker 1 (18:54):
Well, if you read the superseding indictment in this case,
the prosecution has really put together a pretty compelling case,
replete with very devastating text messages, really text messages that
are going to be difficult for the defendants to explain,
in which they're speaking in code, but it's a barely
disguised code. They're talking about swapping phones and sin cards
(19:19):
as socks and shoes. They're talking about money as greens.
They talk about financial transactions sometimes as meat put in
a refrigerator. It's almost comical the way that they use
this code. But ultimately, when you put all of these
conversations together, it really becomes pretty compelling. And then when
(19:40):
you combine those with the cash, the financial transactions, and
the stock trading, it really becomes overwhelming. What's interesting about
this indictment is it was unsealed even though many of
these players have not yet been arrested. So one individual
was arrested and extradited to the United States, and other
individuals in Singapore and is fighting extra edition. Other individuals
(20:01):
have been charged and named but not yet arrested or
extradited into the United States. Now those individuals are going
to find their ability to travel freely severely constrained, and
many of them probably will be picked up over time.
But that doesn't mean that the evidence about them doesn't
come in. Because this is charged as a conspiracy, and
(20:21):
in the US legal system, evidence of communications among conspirators
in furtherance of a conspiratorial aim can all come in.
So all of this evidence about all of the different
players in this conspiracy is going to be admissible for
prosecutors if and when this proceeds to trial.
Speaker 3 (20:38):
The prosecution has a cooperator. How important is his testimony.
Speaker 1 (20:43):
It's always important, particularly when you have these types of
coded communications or a cooperating witness, to be able to
get up on the stand and say, this is what
we were talking about, this is the terminology that we used.
These are the types of techniques that we used to
hide our communmunications make them more difficult to discover. The
most compelling thing, though, about any cooperating witness is the
(21:05):
fact that he's going to get up there in all
likelihood and say I committed this crime. I was a
part of this scheme, this was a conspiracy, and the
defendant was in it with me. That's really devastating evidence
that's very difficult to undermine, particularly when that individual has
accepted responsibility for their own collaps.
Speaker 3 (21:24):
Do you envision the prosecution sort of presenting this like
a movie, like here we are at the French restaurant
and blah blah, blah blah blah.
Speaker 1 (21:33):
It is pretty cinematic. So if they're smart about it,
and they are, and I'm sure they'll do this, they
will present it in that way. They will have First
of all, these communications are so devastating, they're going to
be put up on a screen and even though there's
no audio in these communications, there wasn't a wiretap involved
in this case, you'll nevertheless be able to see these
communications and play out these transactions almost in real time,
(21:56):
and then you'll have it narrated by somebody like this
coper O breading witness who's going to be able to
say I was there and I was passing this cash,
you know, in a paper bag or whatever the case
may be, and it's really captivating for jurors. I've been
on cases similar to this before where jurors have said
afterwards that they were really just so enthralled by the
(22:18):
presentation of the evidence, because it really is even though
these are just financial transactions, the level of greed involved
and the lengths that people will go to to disguise
these transactions is pretty incredible.
Speaker 3 (22:32):
You're a prosecutor for a long time. Now you're on
the other side. I mean, do you see a possible
defense here.
Speaker 1 (22:39):
It's going to be interesting. I mean, I think any
defense attorney is going to, you know, do some basic things.
One is you're going to try and keep out as
much evidence as you possibly can, right go after the
search warrants and try to figure out some way legal
or otherwise that they are invalid. Another thing is, obviously,
you know, a top the cooperating witness, try to undermine
(22:59):
the cutibility of the cooperator and suggest that they're doing
it really to obtain leniency in their own sentencing, but
that they are really just telling a story that the
prosecution wants them to tell. Another piece of it is
to point to the empty chair right to say that
there are all these other players involved, but where are
they and try and undermine the case that way. But
(23:20):
when you have a case that's been put together over
years with as much evidence as it appears the prosecutors
have in this case, it's tough. And sometimes defendants take
their shot because they figure they have nothing to lose,
But other times they try to work out a deal.
And no doubt, given the number of people who still
haven't been apprehended, and the number of others who are
(23:42):
undoubtedly involved in the scheme and haven't even been charged,
including the insiders at some of these companies, there's going
to be a real incentive as the trial data approaches
for some of these people to flip themselves and try
and work out a deal for themselves.
Speaker 3 (23:56):
It seems like this would be a great trial to watch.
Speaker 1 (23:59):
It's a really cool case. It's a pretty unprecedented case.
It's unusual for a case like this to be brought
in a place like Boston, which isn't you know, as
big a financial center as New York or even San Francisco.
But it's really a testament to the work of you know,
individual prosecutors and FBI agents and folks at the SEC
to put a case like this together. I mean that
(24:19):
the amount of work is really it's not apparent at
the first glance, but it really it's literally years of work.
Speaker 3 (24:25):
It's been a fascinating conversation. Thanks so much. That's former
federal prosecutor Stephen Frank, a partner at Quinn Emmanuel. The
Securities and Exchange Commission is dropping its landmark lawsuit against
Solar Winds that accuse the company of covering up internal
problems ahead of a massive cyber attack. The agency said
(24:48):
the decision to seek dismissal is quote in the exercise
of its discretion and does not necessarily reflect the Commission's
position on any other case. The move 's a controversial
case for the SEC, which faced criticism from Wall Street
and beyond that it's allegations against Solar Winds went far
(25:09):
afield of the agency's typical enforcement remit. My guest is
securities law expert James Park, a professor at UCLA Law School.
Jim tell us about the SEC suit.
Speaker 7 (25:21):
This is a major cybersecurity disclosure case involving a company
in Austin that developed network monitoring software, basically software that
you use to monitor the performance of your network. And obviously,
for software like this, you know, cybersecurity is very important
(25:44):
because somebody could come in and see everything that's going
on in your network. And they have a major cyber
attack on something called the Orian software platform that generated
almost half of their revenue. Their stock price goes down,
and then the SEC brings a case saying that various
(26:06):
disclosures they made with respect to their cybersecurity practices were
materially misleading. That was litigated by the company, which does
not always happen. A lot of defendants settle SEC cases
rather than pursue dismissal, but they litigated in the Southern
(26:26):
District of New York. Judge Engelmeyer dismissed part of the
SEC's claims, not all of them, but some of them.
I mean, this was about a year or so ago,
and then we just got news last week that the
SEC has chosen not to go forward with the case.
Speaker 3 (26:42):
I mean, did this case diverge in any way from
a normal or the usual SEC enforcement actions.
Speaker 7 (26:50):
One way it diverged, I think is the defendant litigated
the case. And you know, another is that you know,
when you bring a major case like this, you usually
pursue it to the end, and I think that's usually
the practice with the SEC. Even when the administration changes,
you have enforcement cases that often are left over from
(27:13):
prior years because they take a long time to resolve,
and then you know, the enforcement staff is they continue
to litigate those cases, even if there might be some
disagreement with the new commission.
Speaker 6 (27:25):
And so it is a bit unusual.
Speaker 7 (27:28):
They're not unprecedented for the SEC to stop pursuing a case.
Of course, this did happen as well with the various
crypto enforcement cases. So for this SEC, it's not unprecedented.
For prior secs, I think it's unusual. I think that
would be fair to say.
Speaker 3 (27:44):
And also, is it the first time they suit a
computer security executive for a cybersecurity related issue? That companies
said that they were trying to expand their turf.
Speaker 7 (27:56):
That is unusual, right the chief Information Security office, sir,
who you know, it's not the CEO, it's not the
chief financial officer. And I don't know if they've ever
sued a chief information security officer before, but this is
certainly something that was relatively new. And so that was
another interesting aspect.
Speaker 6 (28:16):
Of the case.
Speaker 3 (28:18):
Why did the judge dismiss a lot of the case.
Speaker 7 (28:21):
You know, I think one reason was that the statements,
some of the statements the SEC alleged were misleading. Were
these broad statements about there's a risk of cybersecurity breach,
and these are the types of disclosures.
Speaker 6 (28:40):
That are made by a lot of companies. And what
the SEC was saying is that the reason.
Speaker 7 (28:46):
Those generic disclosures were misleading is that they were never
really updated even when it became clear to the company
that its cybersecurity was insufficient.
Speaker 6 (28:59):
And so the SEC was saying that you.
Speaker 7 (29:02):
Basically were putting out this generic disclosure to keep investors satisfied,
but you are not updating it when new developments came
along and investors would want you to update those risk disclosures.
And really, what the judge said as well, the risk disclosures.
(29:22):
They were enough to tell the investors that this was
a type of risk, and investors they understand that companies
talk in generalities like this. There's a doctrine called the
Puffrey doctrine where everyone understands companies are always going to
try to put a rosy tone on things, and they
(29:44):
speak in a very optimistic way. So they do this,
and investors know this, and they know that they shouldn't
trust these broad statements on face value, and so that
was the main reason a good chunk of the case
was dismissed. Now, there were statements that were more pacific
that were published on the company's website, which the judge
said could proceed. The claims could proceed because they made
(30:07):
much more specific statements that the company was using strong cybersecurity,
that they had gone through a rigorous development process, that
they were very sort of diligent in evaluating their internal
cybersecurity controls, and those statements might have been misleading.
Speaker 6 (30:25):
According to Judge.
Speaker 3 (30:27):
Ingle Meyer, what do you think the SEC caved here?
Speaker 7 (30:30):
I think that cybersecurity has been controversial in terms of
whether this is an area where the SEC should be
significantly involved, and it's only been fairly recently that we
think of cybersecurity as something that the high level managers
of the company must be really vigilant about. You know,
(30:55):
I think there was a time when we thought of
cybersecurity issues as being you know, this is what the
IT department is responsible for. It's not something that the
board really should be knowledgeable about, because the board quite
frankly doesn't have the expertise in evaluating a company cybersecurity.
Speaker 6 (31:10):
And so there's been a big shift.
Speaker 7 (31:12):
Though to require disclosure about cybersecurity and to require the
board to evaluate the adequacy of cybersecurity. I think that's
been controversial, although I think it still is an expectation.
And you know, in addition to cybersecurity efforts being generally controversial,
(31:32):
I think enforcement relating to cybersecurity disclosures might have been
even more controversial because the critics would say, you know, basically,
this is a company that was a victim of a
cyber attack, and so they were victims, and now you're
saying that they should also pay for misleading investors, and
(31:52):
so there might be something off putting or problematic about
saying that, well, you are the victim of the cyber attack,
plus you also have to pay money to your investors
because you didn't stop it. I think that's kind of
the argument here, is that you know, it's almost punishing
you twice for being the victim of a cyber attech. Now,
(32:13):
on the other hand, you could say, well, this is
a company with cyber security matters a lot, and so
they should have made more timely disclosures. That's the argument
on the other side. But I think that maybe what
the SEC was thinking here is that we want to
pull back a bit on cybersecurity enforcement.
Speaker 3 (32:29):
So officially, the SEC said that the decision to seek
dismissal is in the exercise of its discretion, does not
necessarily reflect the Commission's position on any other case. I mean,
do you think the SEC intends to continue to focus
on cybersecurity or this case says no.
Speaker 7 (32:50):
Well it's a powerful statement, but I think the SEC
maybe leaving some room to change its mind. And you know,
if they're maybe there are a better set of facts
around that they might find. And so I think they
are leaving open the option to bring enforcement cases and
(33:10):
they're not saying that. You know that you can't sort
of violate security sprout provisions through misstatements about cybersecurity. But
I think they're saying, in this case, maybe the case
was not as strong as it as it could have been.
And I think it's a powerful signal with respect to
this particular SEC.
Speaker 3 (33:29):
I guess chief information security officers are breathing a sigh
of relief with this because it would have meant personal liability.
Speaker 7 (33:38):
Yeah, I think I think that's right. I think they're there.
Definitely is potential for liability. You know, of course, if
they settle the you know, the payment may be covered
by an insurance policy. But it's never easy when you
are specifically named in a complaint, and you know, I
think if you're the CFO, you fully understand that this
(34:02):
is something that could happen. Chief information security officer, maybe not,
but you know. This also speaks though to the difficulty
of bringing cases against individual corporate officers, which the SEC
says it wants to do more of. But you know,
when you single out a particular individual, there is sometimes
(34:22):
a question of is it fair to put so much
blame on a single person when you know it might
have been more of a systematic problem at the corporation
that the high level officer may not have really had
complete control over. So I think that's an interesting point,
is that in some ways this kind of acknowledges that
it's actually really hard to build cases against individuals, and
(34:46):
sometimes it may you may see them unfair.
Speaker 3 (34:48):
Any final thoughts, Jim, I.
Speaker 7 (34:50):
Think you might think of these cybersecurity cases as just
another form of a type of case at commonly brought,
which is that you know there's some business development that
the company knows about some business failure. You know, we
have a product we thought was going to be great,
but we know it's going to be delayed a long time,
(35:13):
it has a lot of flaws in it, and you
know we we don't tell investors. I think it's fairly
clear now, based on you know, thirty forty years of
case law, that lying about business developments can violate securities
fraud laws. And you know, there's an argument that if
you are lying about the strength of your cybersecurity controls,
(35:37):
that that's not all that different, right, because you know,
it's not a business failure, but it is a failure
in what you're supposed to be doing to protect your customers,
to protect investors, And so these disclosures can be important.
Speaker 6 (35:53):
And I don't think.
Speaker 7 (35:54):
The SEC's direction in this was completely unfounded because I think,
you know, just closures in business practices relating to treatment
of customers and so forth are pretty relevant to what
investors are looking at for companies like this. I do
agree though, that, you know, it is difficult to sort
of determine, you know, when exactly was it clear that
(36:18):
they were engaging in really really risky behaviors that were
so far below the industry norm that we would want
them to be accountable for not saying more about their
vulnerability to a cyber attech. I think that's a really
difficult question to answer as well.
Speaker 3 (36:33):
Thanks so much, Jim. As always, that's Professor James Park
of UCLA Law School. And that's it for this edition
of The Bloomberg Law Show. Remember you can always get
the latest legal news on our Bloomberg Law Podcast. You
can find them on Apple Podcasts, Spotify, and at www
dot Bloomberg dot com, slash podcast Slash Law, And remember
(36:54):
to tune into The Bloomberg Law Show every weeknight at
ten pm Wall Street Time. I'm Jamie Grosso, and you're
listening to Bloomberg MHM.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Las Culturistas with Matt Rogers and Bowen Yang
Ding dong! Join your culture consultants, Matt Rogers and Bowen Yang, on an unforgettable journey into the beating heart of CULTURE. Alongside sizzling special guests, they GET INTO the hottest pop-culture moments of the day and the formative cultural experiences that turned them into Culturistas. Produced by the Big Money Players Network and iHeartRadio.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.