Although many focus on for-profit entities when thinking of corporate restructuring, tax-exempt nonprofit organizations also use mergers, acquisitions, and conversions in a variety of ways. Organizations exempt from tax under section 501(c) of the Internal Revenue Code (hereinafter, nonprofits) may want to merge, consolidate, or acquire the assets of another nonprofit or a for-profit organization.[1] Sometimes a nonprofit wants to relinquish its tax-exempt status and convert to a taxable organization, and existing for-profit entities occasionally want to convert to a nonprofit. These scenarios all present federal tax law considerations beyond those encountered when only for-profit entities are involved. Along with the advantages of tax-exempt status come restrictions, some of which determine who can benefit from an organization’s assets. Accordingly, in planning transactions, nonprofits should be aware of the risks of violating these restrictions.
These considerations are especially important now because, in many cases, the Internal Revenue Service (IRS) will not determine, except in an examination, whether a restructured nonprofit continues to qualify for exemption. IRS guidance released in February 2018 provides that already-exempt nonprofits no longer must submit a new application for recognition of tax-exempt status when engaging in certain corporate restructurings, such as mergers.[2] Therefore, nonprofits considering these types of changes should be careful to avoid such common problems as inurement, private benefit, and excess benefit transactions. This is particularly true if the nonprofit is a section 501(c)(3) organization. Should these issues arise in an examination, they could result in the revocation of the organization’s tax-exempt status (including retroactive revocation), the imposition of excise taxes, or both.
Inurement
Nonprofits, such as those exempt under sections 501(c)(3) and 501(c)(4), are prohibited from having their net earnings inure to the benefit of any individual.[3] If the net earnings inure to the benefit of an individual, then the organization is not operated exclusively for exempt purposes and is not tax-exempt.[4] Inurement occurs when an organization enters into a transaction that benefits its insiders and not the nonprofit, even if the nonprofit does not suffer a financial loss.[5] Thus, inurement results from a transaction between the exempt organization and an individual who is an insider of the corporation, i.e., someone who has the ability to influence or control the organization’s net earnings, such as a director or officer.[6] As a result, the nonprofit must consider whether the individuals in control of the organization protected the nonprofit’s interests, ensured that transactions with related parties were conducted at arm’s length, and ensured that assets were properly valued.[7]
Private Benefit
Nonprofits under section 501(c)(3) are also required to be operated for exempt purposes.[8] The private benefit standard is derived from this operational test.[9] An organization is not considered “operated exclusively” for exempt purposes if more than an insubstantial part of its activities do not further an exempt purpose.[10] Furthermore, an organization is not organized or operated exclusively for one or more exempt purposes unless it serves a public rather than a private interest.[11] As such, the organization must establish that it is not organized or operated for the benefit of private interests.[12] As a result of this requirement, a section 501(c)(3) nonprofit must ensure that any assets it acquires have been properly valued and that the organization acquired them for a reasonable price.[13] Failure to do so can result in a determination that the organization has provided an impermissible private benefit and thus is not entitled to tax-exempt status.[14]
Excess Benefit Transactions
Nonprofits exempt under sections 501(c)(3) and 501(c)(4) are also subject to an excise tax under section 4958. This tax is imposed on excess benefit transactions between a “disqualified person” and the organization.[15] An excess benefit is any economic benefit a disqualified person receives directly or indirectly from an applicable exempt organization if the value of the economic benefit provided exceeds the value of consideration received.[16] Disqualified persons include not just officers or directors of the organization, but also those in certain relationships with officers and directors, such as immediate family members.[17] Only the excess is subject to the excise tax.[18] The IRS has attempted to assert these penalties in the context of nonprofit mergers and conversions, particularly when it believes that the valuation is not reasonable.[19]
Relinquishing Tax-Exempt Status
Restrictions that come with tax-exempt status continue to apply to the assets of a nonprofit, even if the organization relinquishes its tax-exempt status. Thus, when a tax-exempt organization converts from a tax-exempt entity to a for-profit, it must still ensure that it is carefully following the rules. An organization exempt under section 501(c)(3) is required to dedicate its assets to an exempt purpose.[20] The organization must also ensure that the conversion does not result in private benefit or inurement.[21] These IRS concerns are in addition to any reviews required by the appropriate state charity regulator in the nonprofit’s state of incorporation.
Further considerations may also apply if the organization is a private foundation. Private foundations wishing to terminate or merge with another tax-exempt entity must adhere to the rules for terminating a private foundation under section 507.[22] Failure to comply with those rules or to time the transaction appropriately can result in a substantial termination tax.[23]
Conversions of For-Profits to Nonprofits
When a for-profit converts to a nonprofit, the organization should be careful to ensure that it is engaging in tax-exempt activities, has properly valued its assets, has paid any necessary taxes under section 337(d) on the appreciation of its assets, and has not been formed to serve private interests. Failure to do so could result in a denial of its request for recognition of tax-exempt status or revocation of its status in an examination.[24]
Conclusion
In the context of tax-exempt organizations, it is important to ensure that any merger, acquisition, or conversion takes into account the organization’s tax-exempt status and ensures that the rules applicable to those organizations are not violated.
[1] All section references are to the Internal Revenue Code of 1986, as amended (the Code), and all regulatory references are to the Treasury Regulations currently in effect under the Code.
[15] I.R.C. § 4958; Treas. Reg. § 53.4958-3 (a disqualified person is any person in a position to exercise substantial influence over the affairs of the organization and those in certain relationships with the disqualified person).
Non-compete agreements are contractual restrictions that control employees’ future ability to work for competitors of their current employers, who seek to protect their financial interests and trade secrets. While employers traditionally reserved non-compete agreements, or restrictive covenants, for high-level employees whose departures could present a fiscal impact to the company, non-compete agreements are now common with various levels of employees.
However, not all non-compete agreements are enforceable. Whether a court will enforce a non-compete agreement depends on the subject employee and the imposed restrictions. First, the employer must determine whether the employee poses a risk, and is in possession of trade secrets or confidential information that gives the employer a competitive advantage. If so, the employer must then consider the reasonableness of the restriction as it relates to the duration, scope, and geographical area.[1] For example, the duration of the non-compete restriction should not be excessive compared to the value of confidential information the employee might possess.[2] Further, the scope of duties restricted and the geographical area to which those restrictions apply should be limited to the extent necessary to protect the employer.[3]
Employers should also consider public policy and the laws of the applicable jurisdiction, which may weigh heavily on the decision to include a choice of law or forum selection clause. Delaware and California are stark examples of the differing jurisdictional approaches to enforcing non-compete agreements.
In Delaware, the court views restrictive covenants through a contractual lens and will generally enforce reasonable non-compete agreements. Delaware’s public policy respects the freedom to contract, with very limited exceptions, as its courts “respect[] the right of parties to freely contract and to be able to rely on the enforceability of their agreements. . . . [O]ur courts will enforce the contractual scheme that the parties have arrived at through their own self-ordering . . . Upholding freedom of contract is a fundamental policy of this State.”[4] If Delaware courts find an agreement to contain unreasonable terms, the court may choose to invoke the “judicial blue-pencil” to modify the agreement, rather than void it altogether.[5]
In California, public policy prohibits any restraint on employment based on non-compete agreements. Section 16600 of the Business and Professions Code deems void any kind of contract to the extent it restrains anyone “from engaging in a lawful profession, trade or business of any kind.”[6] California does not consider whether the parties had adequate consideration or whether the terms were reasonable. “The interests of the employee in his own mobility and betterment are deemed paramount to the competitive business interests of employers.”[7] Although California is an at-will employment state, courts have found employers liable in tort for terminating employees who refused to sign a non-compete agreement.[8] The public policy concern with non-compete agreements is very strong; California courts have even voided non-compete agreements between out-of-state employers and employees that leave to work in California.[9]
These are just two different states’ approaches to enforcing non-compete agreements. Each state’s laws and the facts of each case will determine the enforceability of each respective non-compete agreement. These are just a few considerations for a lawyer preparing a non-compete agreement.
Regardless of how reasonable or well-drafted the non-compete agreement may be, the employer must have an action plan in the event an employee breaches the non-compete agreement. Cases involving the violation of non-compete agreements rarely proceed to trial. Thus, counsel should inform employers of all available remedies and consider the strategic effect that requests for injunctive and interim relief will have on the ultimate case disposition.
[1] See generally, e.g., Coady v. Harpo, Inc., 719 N.E.2d 244, 250 (Ill. App. Ct. 1999); Norman D. Bishara et al., An Empirical Analysis of Noncompetition Clauses and Other Restrictive Postemployment Covenants, 68 Vand. L.J. 1, 28-35 (2015) (addressing the reasonableness requirement for restrictive covenant enforcement).
[3] See generally Philips Elecs. N. Am. Corp. v. Hope, 631 F.Supp.2d 705, 715 (M.D.N.C. 2009); Nev. Rev. Stat. § 613.200 (2017) (some states require the non-compete agreement to have valuable consideration and reasonableness pertaining to duration and scope, which is combined with the geographical area).
[4] Ascension Ins. Hldgs., LLC v. Underwood, No. Civ. 9897-VCG, 2015 WL 356002, at *4 (Del. Ch. Jan. 28, 2015).
[5] See, e.g., Del. Exp. Shuttle, Inc. v. Older, No. Civ.A. 19596, 2002 WL 31458243, at *13–14 (Del. Ch. Oct. 23, 2002) (adjusting a three-year time limit to a more reasonable “two-year duration” and imposing a geographical limitation where there was none).
[7] Application Group, Inc. v. Hunter Group, 61 Cal. App. 4th 881, 900 (1998).
[8] D’sa v. Playhut, Inc., 85 Cal. App. 4th 927, 929, 934 (2000) (“[A]n employer cannot lawfully make the signing of an employment agreement, which contains an unenforceable covenant not to compete, a condition of continued employment.”).
[9] See Application Group, Inc., 61 Cal. App. 4th at 899-900 (striking down a Maryland employer’s non-compete agreement with a former employee who moved to work for a California employer).
Even the strongest corporate governance practices cannot guarantee the quality of corporate results.
Governance is about process, not perfection. Governance is a form of corporate risk mitigation, focusing on the decision-making processes within a company to limit the likelihood boards and executives will misuse corporate assets or make ill-considered choices.
Director independence is part of that process and is not a goal in itself. Independence is an imperfect substitute for what investors and policymakers actually want: decision makers who act with integrity and who form judgments on behalf of shareholders after thoughtful and fair consideration of the salient facts, untainted by favoritism.
No rule can predict that an individual will make a virtuous choice at a critical moment. There is no objective test to ensure that a director will think and act on behalf of the best solution for the company, regardless of his or her personal stake in the outcome. Instead, the independence standards in the laws and rules for corporate governance measure potential conflicts of interest, with the assumption that independence from conflicts will produce independence in judgment.
For securities law purposes, the definition of director “independence” is derived in part from the 2002 Sarbanes Oxley Act, in part from the 2010 Dodd-Frank Act, in part from SEC regulations, and substantially from the rules of the NYSE and NASDAQ. In addition, appointment of special committees of the board, or approval of transactions between the company and insiders, can generate state law questions of independence. There are also separate IRS and SEC independence measurements connected to the approval of some executive compensation.
Accordingly, company counsel must consult multiple sources to advise the board on whether a determination of independence falls on the right side or the wrong side of a relevant definition.
Independence is typically considered in terms of a director’s independence from corporate management. Government and exchange independence rules surround corporate managers with individuals both inside and outside the corporation who are in a position to influence management’s decisions and actions, and who not only can form judgments independent of management, but also serve at times as a check on management.
In testing the independence of a director from management, the primary questions relate to whether the director has employment, family, or other significant economic or personal connections to the company, other than serving as a director. A director’s family or economic connections to the company’s outside auditor can also disqualify a director from being independent.
However, independence of directors can also be fact-specific and situational. In litigation, a director who is independent for other purposes could have a stake in the legal issues that renders him or her conflicted.
For that reason, a director who is independent for one purpose may not be independent for all purposes. The board cannot take a “set it and forget it” approach to determination of a director’s independence. If situations change, the determination of independence can change too.
Within the corporate governance process, independence is important at the board level and for committees of the board, many of which are required to be mostly or even entirely comprised of independent directors. Moreover, it is important to measure independence before electing directors or appointing them to critical committees. If a problem arises later, the company may not be able to cure the failure to meet the independence requirement.
The term “independent director” is often used interchangeably with the state corporate law term “disinterested director,” which means a director who does not have an economic or personal interest in a particular transaction or arrangement requiring board approval. The two terms overlap substantially, but they are not identical. Independent directors will be “disinterested directors,” almost as a matter of definition, but not all disinterested directors will be independent. For example, it would be possible for the CEO, as a nonindependent director, to be a “disinterested director” and to vote on a transaction in which another director had a financial or personal interest.
Management knows the day-to-day operations of a company in a way that the board cannot. The board relies on management to present complete and honest assessments of company performance in order to fulfill the board’s oversight duties. The board must have processes to ensure that the information it receives is correct and not somehow tainted by honest error, undue optimism, or dishonest manipulation.
Directors who meet the requirements for independence can still make mistakes or misjudgments, and can still wind up being unduly influenced by management. The governance process, however, including director independence, does not promise perfection—just a process to mitigate the risks.
Director’s Handbook demonstrates that while no single legal treatise can hold the answers to all factual situations that clients encounter, one book can hold the important questions that the clients and the lawyers should be asking, offering 10 sample questions across 101 topics to get conversations going within the boardroom and between attorneys and clients. The Role of Independent Directors covers the formal and informal obligations of independent directors, derived from such varied sources as federal securities laws, state corporate and fiduciary laws, stock exchange contractual terms, and investor “best practice” considerations.
Throughout history, people have waged sectarian fights to protect their beliefs. The Europeans, sitting at a crossroads of two major religions charged with converting the unenlightened, have a particularly combative past.
The belief that privacy is a fundamental human right is currently held as an essential tenet for managing European society. The privacy right is written into the European Union (EU) Charter. This belief is held so deeply among European privacy regulators, presented in such moral and ethical language, and protected with such vehemence against opposing views and practices, that it seems to have become an item of pure faith. The “right to privacy” as defined by regulators has become a semi-religious European principle for maintaining a civilized society.
In the internet age, the EU has built its laws to restrict collection of data about its residents and to restrict company use of such information without specific resident permission for each action taken. The EU asserts that its citizens share faith in emphasizing privacy protection over economic creativity. According to a 2017 poll of 27,000 EU residents taken by the European Commission, 70 percent of the respondents are not willing to sacrifice online privacy in exchange for improved services. EU Commissioner Vera Jourova has said that she believes Americans “should be more attentive about what is happening to their privacy” and that “[w]e [EU legislators] want to set the global standard.” To bolster the weapons of their war against anyone who threatens their beliefs about online privacy, the EU passed the General Data Protection Regulation (GDPR) applicable as of May 25, 2018, which tightens privacy rules, adds new rights for its residents, and provides a series of new enforcement tools.
EU privacy regulators have spoken plainly about where they would aim the weapons provided in the GDPR. European parliamentarian Viviane Reding, who initiated the GDPR in 2012, told the New Yorker that she did so because “the big companies, like the American [Google, Amazon, Facebook, and Apple] . . . just ignored the old law.” She then said that under the new regime, penalties for impeding the EU’s privacy priorities would be harsh enough to keep the American tech companies in line. As expected, these American companies were attacked with GDPR lawsuits by European privacy organizations within minutes of the law coming into force. This new religious war over online privacy will force many U.S. companies to depart from data practices and revenue models that have always been legal in the United States.
To examine the unilateral extraterritorial effects of the GDPR, it is necessary to separate the essential function of the law—protecting EU resident privacy—from the new rules instituted to expand execution of the law. Many companies headquartered in the EU and elsewhere may completely agree with the personal data protections at the core of the GDPR; however, thousands of U.S. companies have grown internet-based business models over the past 25 years without the regulatory restrictions necessary to meet GDPR’s obligations, and those companies may lose their core revenue generation by acceding to the new EU requirements. So without addressing the wisdom of the EU’s privacy priorities and regulatory regime in contrast to those of the United States, this article examines new GDPR enforcement mechanisms apparently directed at bringing to heel companies headquartered and primarily operating outside of the EU.
In other words, this article is not addressing what privacy rights should exist, whether the EU or U.S. views of privacy are ethical or correct, or any other matter relevant to how people should be protected online or how data-collecting entities should comport themselves. Instead, the following paragraphs analyze the EU attempts to enforce their privacy laws on U.S. companies and the often unprecedented tools created to effectuate extraterritorial enforcement. The EU beliefs are not questioned, only their manner of imposing the practice of those beliefs on others who may not hold them in an effort to manage the data of EU residents wherever it resides.
Bolstering the Brussels Effect
With 500 million mostly well-off people, the EU has been able to force world economies to comply with its rules in order to do business there. Pushing that economic weight around to change the behavior of citizens in other jurisdictions has been called the “Brussels Effect.” The United States also uses its economic power to affect the behavior of importers, but U.S. laws tend toward low regulation and confirmation of accepted international norms. The EU, on the other hand, not only pushes its priorities on foreign companies, but also sharply regulates behavior in many areas, from anti-trust to chemicals to food safety. As Alan Beattie wrote in the Financial Times, “The U.S. complains bitterly that the EU’s approach leads to products such as beef raised with growth hormones, or poultry washed in chlorinated water, being banned from sale in Europe.” Exporters from less industrialized countries find it even more difficult to meet the EU requirements.
Many of the EU regulatory positions can be surprising to U.S. citizens because they reflect the ways in which European society and priorities differ from those in the United States. For example, Europeans tend to be more concerned than others about chemicals or new treatments for food, while allowing less pasteurization than U.S. states for milk products. More relevant to this article, Europeans tend to be more willing to police business models and behavior with proscriptive rules on environmental, consumer, and employment issues. In an article on the Brussels Effect in the Northwestern Law Review, Columbia Law School professor Anu Bradford wrote, “EU policymakers’ preference for stringent regulation reflects their aversion to risk and commitment to a social market economy. European consumers rank environment and food safety higher than crime and terrorism when asked to evaluate various risks, leading to distinctly high levels of consumer and environmental protection.”
The EU often portrays its aggressive personally protective regulatory stance as “normatively desirable” policy enlightening the rest of the world. For example, the EU Commission issued a statement in 2007 that directly stated the unilateralist ethical goals of its regulatory scheme, which “gives the EU the potential to shape global norms and to ensure that fair rules are applied to worldwide trade and investment. The single market of the future should be the launch pad of an ambitious global agenda.” The EU leadership believes it knows best how other countries and their businesses should behave, and the EU works to set the standard for less-enlightened countries like the United States. As Professor Bradford wrote, “In describing its global role, the EU legitimizes its strategies by claiming that its values and policies are normatively desirable and universally applicable. Seen in this light, the EU’s externalization of its regulatory preferences reflects altruistic purposes of a benign hegemon. . . . By emphasizing the universal benefits of its global regulatory agenda, the EU often succeeds in obscuring the de facto unilateralism that drives its implementation.”
However, where the EU sees benevolent moral leadership, others see raw economic protectionism. In the February 22, 2018 edition of The Daily Telegraph, Legatum Institute Special Trade Association Chairman Shankar Sindham wrote, “The drive toward ever-greater regulatory prescription means that the European Union is acting in a protectionist manner.” The Czech president Vaclav Klaus recognized this in his 1997 book Renaissance: The Rebirth of Liberty in the Heart of Europe in which he wrote, “claims for quasi-universal social rights are disguised attempts to protect high-cost producers in highly regulated countries, with unsustainable welfare standards, against cheaper labor in less productive countries.” Admitting the effect and the motivation, in 2011 the EU Commission wrote in a public communication to the European Parliament, “. . . the creation of the European standard [shall] be carried out rapidly with the aim of asserting it as an international standard. This would maximize first mover advantage and increase the competitiveness of European industry.” It is not surprising that the EU Commission would recognize that shackling costly regulations to the businesses of Asia, Africa, and North and South America would be a boon to the competitiveness of European industry that must follow these regulations at home.
Whatever the motivations, the Brussels Effect is a real influence on foreign companies and the foreign governments that support them. Although food, chemicals, and environmental protectionism have been the regulatory beachheads of the recent past, data privacy has been brewing for decades as a battle in waiting, and Europe is now taking its crusade to the rest of the world.
Privacy and Human Rights
Both the EU and United States enforce rules to protect the privacy of their residents. The United States protects its residents’ financial, health, and children’s information, and it otherwise allows regulators to penalize companies for committing unfair or deceptive data practices. This targeted system enables business to build new models of data management that will generally be legally challenged only if a consumer or employee is hurt by the activity.
The EU regulation begins from a different set of assumptions. Under the EU regime, a resident, or “data subject,” has a fundamental right to determine how certain information relating to the data subject is collected and used by others. The 1995 EU Data Privacy Directive held that information systems “must, whatever the nationality or residence of natural persons, respect their fundamental rights and freedoms, notably the right to privacy.” The GDPR, which replaced this directive, contains similar language. So if an EU resident hands information to a social network, runs an internet search, or buys a pair of shoes online, the companies handling his or her data may only use the information for the purpose it was provided and nothing more without permission of the data subject. Overarching regulations make data-collecting entities prove that they are complying with this rule or suffer crippling penalties.
The EU has now increased efforts to force U.S. companies to treat information in the manner prescribed by EU regulations, even where some of these regulations might violate the U.S. Constitution. Passage of the new GDPR deepens the European effort to hold U.S. business to otherwise inapplicable EU standards of data management.
The GDPR tightens some requirements to protect the data of individuals, it adds new personal protections like the right to data portability, and it creates enforcement mechanisms to encourage compliance. Some of these enforcement mechanisms extend the reach of National Data Protection Authorities to companies residing outside the EU.
Privacy Protection as a Moral Imperative
To analyze the GDPR’s enforcement regime, we must first examine why the EU feels justified in acting unilaterally in forcing non-EU companies to follow internal European rules. Some of this reasoning is purely practical. We live in a world where a digitized unit of information can flow to thousands of computers in hundreds of jurisdictions simultaneously and be copied an effectively infinite number of times. So when protecting the private data of its residents, it may be rational for a parliament to try to extend those protections beyond its borders to wherever the private resident data resides, or at least try to burden the companies removing the data with obligations consistent with local laws. Otherwise, data escapes the jurisdiction instantly and is beyond the reach of EU regulators.
As shown above, however, some of the justification is moral. The EU data protection board has written that due to the weakening in the United States of legal restraints on privacy in digital markets, “that the EU should lead the conversation on the ethical consequences of the digital transformation.” Vera Jourova, the EU Commissioner in charge of privacy, has described the GDPR as a “loaded gun” for regulators and said, “If we can export this to the rest of the world, I will be happy.” She has also said that she found U.S. data protections to be weak, that the EU Commissioners would like to see U.S. privacy law move closer to EU law, and that “I am not satisfied but we will have to live with the legislation as it is now in the U.S.” The EU regulators see their new law as a morally protective law that should be exported to the rest of the world. From the first days of the EU, privacy was listed as one of the fundamental human rights.
Casting a fuzzy, complicated, and circumstance-dependent concept like data privacy as a fundamental human right is an inherently combative position. Fundamental human rights are essential to a civilized and moral existence, so a society that refuses to recognize such a right is, by definition, immoral. As editors of the Economist wrote August 16, 2001, “In the eyes of governments today, certain human rights in the civil and political realm have attained the status of moral absolutes. Abusers of these rights face sanctions and censure, even if their actions are mandated by the democratic processes of a sovereign state.” If privacy is a fundamental right for the EU, then the EU can justify as a moral imperative sanctioning anyone who violates the EU’s interpretation of that right. A specific flavor of personal privacy protection has become a religion to EU regulators, and they intend to spread the religion to the rest of us, whether we want it or not.
Tools of the Holy War
The GDPR and previous EU privacy law contain several novel tools for forcing countries and companies outside the EU’s direct jurisdiction to comply with the EU’s privacy rules. In this crusade to force submission to EU priorities, Europe has implemented old strategies and tried entirely new ones. It remains to be seen how effective any or all of these weapons will be, but the international order has just been introduced to a new era of European ethics-based aggression through extraterritorial regulation.
Adequacy
Distinguishing between believers and nonbelievers is a core feature of most modern religions. Just as religions divide the population into categories of the saved and the damned, the faithful and the infidel, and the chosen and the heathen, Europe has divided the nations of the world into the chosen few who have accepted EU privacy regulations into their hearts (and laws), and the great unwashed many who are not allowed to receive EU resident data without special dispensation. Couched in terms that assume a country’s failure to measure up to an appropriate standard, rather than the usual regulatory language of compliance versus noncompliance, the EU judges whether other nations’ laws are “adequate” to store the data of Europeans.
The EU’s first step in establishing its moral authority in the privacy realm is the notion of “adequacy standards.” This tool for imposing the EU’s entire privacy regime on other countries has been in place prior to passage of the GDPR. EU rules provide that nations must have adequate data protection that comes close enough to the EU ethical standards so that personal information arising from the EU can be transferred to those jurisdictions. As reported in the Financial Times on May 13, 2018, the EU “is exporting digital governance not through reciprocal deals but unilaterally bestowing ‘adequacy’ recognition on trading partners before allowing them to transfer data.” Canada, Argentina, and the Faroe Islands are morally adequate. Most of the rest of us are not. Under this scheme, the EU holds out the promise of economic cooperation with any country that comes on bended knee to establish data adequacy. For “inadequate” countries, EU rules forbid transfer of private data of EU residents to these jurisdictions unless their businesses jump through additional hoops, mostly prescribed in EU regulations. Bend to Brussels on this human right, or your companies suffer extra costs, regulatory burdens, and likely fines.
Required EU Representation
In Britain during past centuries, people employed the services of a sin eater to absorb the sins of relatives who died without confession, thus keeping the soul of the dead from walking the earth. By eating a ritual meal, often off of the chest of the deceased, the sin eater allowed a family to more peaceably bury their recently lost relative, but the cost to the sin eater was great. He was not only an outcast, but he bore the cumulative burden of all of the sins from all of the dead people for whom he performed the ceremony, and he carried that burden into the afterlife.
Similarly, the EU has created a new role—a person paid exclusively to accept and receive the regulatory or legal burden for the data privacy sins of foreign companies—an official role hardly enforced before the implementation of GDPR. Article 27 of the GDPR requires foreign entities that are caught by the extra-territorial provisions of the GDPR to appoint a representative in one of the EU member states where its data subjects reside. The National Data Protection Authorities and aggrieved EU data subjects are given the right to fine or sue this representative either alongside or instead of the foreign entity that improperly handled EU data. Thus, like the sin eater, this representative is appointed to pay for the sins of his customer. Many jurisdictions require companies to name a local representative to receive official correspondence, but this is the first modern civil statute to require a local punching bag.
It is assumed that any entity accepting this GDPR sin eater role will be able to receive indemnification for the official penalties from the foreign entity that actually committed the penalized offense, but there are obviously no guaranties. The offending foreign entity may escape collection actions in any number of ways, and the law assumes that the GDPR sin eater will be able to afford to attempt collection after paying its fines. The EU governing bodies do not seem to care about leaving the GDPR sin eater with the entire burden of regulatory action so long as the bureaucrats and/or data subjects are paid. This system seems rife with problems and inconsistencies, such as how to assure that the representative cannot simply close its doors without paying anything.
Data Protection Officers
In 1541, John Calvin returned to Geneva, managed to pass a set of ecclesiastical ordinances, and ruled the city with both an iron hand and a severe theology. His government proscribed all forms of celebration, frivolity, dancing, card games, and theater, and it outlawed anything but the plainest dress. “Libertines” who opposed this regime were tortured and excommunicated. In order to catch those Geneva citizens opposed to the new religious laws, Calvin sent preachers into people’s homes to both teach them in the ways of his harsh new religion and to interrogate the citizens. He sent spies to all corners of the city. Every parish had its own assigned moles and infiltrators.
In the present day, the EU privacy rules create its own new specialized role of teacher, inquisitor, and mole. Many entities subject to the GDPR must appoint a data protection officer (DPO) who reports to the entity’s highest ranking officer, but whose loyalties are expected to be given to the EU data protection bureaucracy. The statutorily defined roles of the DPO include advising his or her company of its GDPR obligations, monitoring and auditing compliance with GDPR rules, cooperating with GDPR regulators, and “acting as the contact point for the supervisory authority” with regard to any matter. Entities under the GDPR are required to grant the EU regulators an internal spy to teach the new religion, interrogate colleagues, and identify internal infidelity and apostasy as contact person for the authorities. One more thing. This mole cannot be fired for any reason that might be interpreted as “performing his or her tasks.” So not only does the EU require that a company hire and pay a person who is, by definition, not entirely loyal to the company, but the company cannot punish or terminate that person for disloyalty to the company.
Presumably the DPO will be expected to report on the adequacy of his or her own company’s expenditure of money on GDPR compliance, making judgments about whether the company is spending enough to satisfy EU privacy regulators. It is also likely that the DPO will be called upon to testify against the company at regulatory hearings and court proceedings, and cannot be terminated for doing so even if the employing company does not agree with the facts of the testimony. It will be easiest for the DPO to hew to the most conservative construction of a wildly vague and unmanageable law, potentially costing the DPO’s company vast resources in strictest compliance. The DPO removes a company’s flexibility in interpreting the law and how to conform with it.
Favoring EU Residents in Enforcement Cases
Saint Augustine of Hippo, writing in the 4th and 5th centuries, illuminated the Christian doctrine of original sin, which posits that every human is born sinful. The concept of original sin was formalized as part of Roman Catholic doctrine by the Councils of Trent in the 16th century. Original sin is not simply an inherited spiritual defect in human nature. It is also the “condemnation” that goes with that fault. Under this doctrine, all humans should be automatically considered to be sinners and therefore condemned for their sins without need to prove that the sins occurred.
The EU has initiated a similar concept, stacking the deck against any company that loses EU resident data and leaning heavily toward condemnation of the accused. In audits, GDPR adds the “accountability principle,” according to which every data controller is obliged to prove its fulfilment of all the legal requirements based on internal paperwork. The company is assumed to be in violation of the law unless it can prove otherwise. The EU, like some religions, judges a company guilty unless proven completely innocent.
This direction is especially troublesome in the instance of data loss through hacking. There is no such thing as absolute security. Any system can be hacked or broken with enough time, resources, and cleverness. A clear example is the theft of $100,000,000 of gold, diamonds, and jewelry from the Antwerp Diamond Exchange in February 2003. Despite tens of millions spent by the exchange on a private full-time security force and all of the latest protective measures, thieves were still able to break into the vaults deep underground and steal diamonds. The same is true for stealing data. Insiders or brilliant hackers can break into any company’s system and can access the information inside even if the target company has done everything possible to protect the information.
The European Union refuses to acknowledge this basic fact about our world, building audit assumptions into its law that any victim of data hacking is automatically responsible for its own victimization. The GDPR view of litigation is not much better. Previous cases have shown that every company holding an EU resident’s private data assumes an automatic obligation to protect that data. If a regulator or claimant then makes a showing that the data was exposed under the company’s control, the company is presumed liable unless the company can prove “that it is not in any way responsible for the event giving rise” to the data exposure. How would a company prove that it is not in any way responsible for a theft? That is one of the many holes left to speculation by the EU privacy authorities.
How could a U.S. company fall afoul of this new favoritism to EU data subjects? Any little mistake in data protection or any action taken to comply with the GDPR that EU regulators felt did not go quite far enough could sink a company into fines and EU resident compensation. For example, the GDPR requires that a company store data for a “strict minimum” period of time. If a company’s definition of “strict minimum” in this circumstance is less stringent than the EU regulators, then the company doesn’t meet its burden of showing it was “in no way responsible” for the breach. The EU enforcement bureaucracy would argue that if the data were purged earlier, then it would not have been improperly accessed. In short, the new subjective standard combined with vague requirements likely means that a company suffering a data hack is fiscally responsible for any data exposures regardless of how strong its data protections might be.
In addition, the GDPR assigns liability to both data controllers and data processors, so we should expect to see hacking attacks on data processors that result in damages against the processor for failing to stop the hackers, and against the controller for failing to hire a processor with impossibly perfect security. Both companies will have a difficult time overriding the presumption that they are each responsible for losses of data, so both are likely to be forced to pay regulators and data subjects whenever data is lost.
Statutory Damages
Religion is a salve for the soul, providing answers and comfort in the hardest of times. The EU has decided that its residents with privacy claims should also receive a salve for their emotional turmoil and has built this plan into the GDPR. Thus, the companies found liable under the scheme described above will be paying cash compensation for embarrassment, emotional distress, practical frustration, and hurt feelings of data subjects.
Under Article 82 of the GDPR, any person who has suffered material or nonmaterial damage as a result of an infringement of the GDPR has the right to receive compensation from the data controller or processor ruled responsible for the damage suffered. The individual is entitled to bring a compensation claim in the courts. Throughout the world, lawsuits against companies that lost data to hackers have generally either been settled by the parties or dismissed. One of the primary reasons for the many dismissals has been the inability of plaintiffs to prove damages. The plaintiffs can often show that data describing them held by defendant entities was lost to thieves, but cannot demonstrate or account for significant or quantifiable damages arising from these losses. The new EU position will change this dynamic so that any person who can successfully claim that his or her data was lost receives the benefit of the doubt that he or she was harmed in some way by the loss. The claimant will not need to quantify the losses to collect from a company not meeting EU standards.
We have not yet seen exactly how this benefit plays out, but it is reasonable to believe that little more than hurt feelings and extra time spent calling banks will be enough for a payout from the controller and/or processor. A common nonquantifiable request by plaintiffs in U.S. cases has been based on fear of identity theft. It is anticipated that such nebulous fears will be compensable under the GDPR. So not only will U.S. companies be targeted in Europe under the new law, but the entire deck is stacked against them. Standard tort law around the world is based on a plaintiff proving that the defendant had an obligation to protect the plaintiff, that the defendant behaved in a manner that makes it liable to the plaintiff, and that the plaintiff has demonstrable damages arising from this behavior. In EU agencies set up for the sole purpose of protecting the rights of data subjects, the obligation of data-possessing companies is assumed to exist, and the playing field is further tipped against data-possessing companies on both liability and damages by the GDPR. It is difficult to see how a company that lost data in a computer hack could win in an action based on the GDPR no matter what the circumstances.
Given this practical near impossibility of emerging unscathed from an award of damages under GDPR, it will be surprising if any insurance companies will be willing in the future to provide broad cyber coverage to U.S. companies doing business in Europe. Of course, it is possible that the insurance industry will simply begin to write exclusions for the inevitable EU lawsuits and regulatory actions, as well as the penalties and damages likely to follow, with brutally expensive premiums to pull EU risks back under the policy. The risks for business have drastically changed, and insurance calculations will soon follow.
Huge Penalties
Religions often propose impossibly terrifying punishments for those people who do not live according to their tenets—banishment, stoning, eternal damnation, and constant regressive recycling of lives to name a few. The terrors are necessary to keep the faithful in line and to mete out karma to those who deserve it. Some of the worst punishments imaginable have been invented or perfected in the name of religion.
The GDPR, in an admitted attempt to rein in the U.S. data giants like Google and Facebook, has structured an absurdly high set of punishments for companies that it weighs in the balance and finds wanting. Fines against noncompliant companies can be the greater of €20 million or 4 percent of the company’s global gross annual revenue, which could be as high as $2.8 billion in the case of Facebook or $3.5 billion for Google. This degree of damaging punishment is much greater than the EU has previously charged criminal enterprises committing massive fraud on the public. Prior to 2018, the EU record for criminal fines on antitrust price collusion was $3.2 billion split up against at least five truck manufacturers, which doubled the previous highest antitrust fine. Counting the most recent monster $5.1 billion antitrust ruling, the EU’s two biggest fines ever were levied against Google and its parent, Alphabet, and the EU seems to be gearing up for more crippling penalties against U.S. technology companies.
Why would the EU penalties for operating a database business—a business legal under nearly all other laws in the world including those in the United States—be several times higher than previous penalties for nontechnology businesses intentionally violating EU rules and even for blatantly lying to regulators? Often logic is cast aside in a religious war in favor of harshly punishing those who may not agree with the fighter’s strongly held beliefs. The EU could be taking these extreme positions to create room for its own industry in the most profitable technological realms of the 21st century; however, the extreme punishments of data holding companies, combined with a system that strips presumptions of fairness in the process leading to punishment, may simply be a European power play to bring the rest of the world in line with EU beliefs on privacy.
The unprecedented set of enforcement tools described above enables the EU to attack extraterritorially and punish U.S. businesses for violating the GDPR. This regime is apparently driven more by emotion and faith than logic or respect for the traditional international order, and will create chaos and wildly unfair results for U.S. companies. American business must understand the rules and their impact to decide whether offering data services in Europe, in the midst of a holy war against U.S. data policies, is worth the risk.
Most post-judgment enforcement remedies employed by creditors result in easily understood and predictable tax consequences to the parties involved. A charging order is different, however, because it peculiarly combines two remedies; namely, an involuntary lien (attachment) against the debtor’s interest in an LLC or partnership, and a non-wage garnishment of the income stream from that interest such that the creditor receives the distributional income and not the debtor. To add to the confusion, in the majority of states the charging order lien may be foreclosed by way of a judicial sale at which the creditor or a third-party may be the winning bidder. All of these actions may result in unforeseen tax consequences to the affected parties as the following article demonstrates.
Once a charging order has been entered, certain tax issues arise.[1] As will be discussed, the treatment of these issues differs between the stage at which the charging order has simply been issued but prior to foreclosure (preforeclosure) and after the creditor’s charging order lien has been foreclosed upon by the creditor (post-foreclosure). Due to the fact that these issues may impact the creditor, the debtor, the entity itself, and the buyer at a judicial sale (who might not be the creditor), consideration of the effect upon these parties at each phase is likewise necessary.[2]
Here, we must be reminded that a charging order is merely the legal vehicle by which a lien is placed by the creditor upon the debtor’s economic right to distributions from the entity. Foreclosure of a charging order correspondingly means that the creditor has liquidated its lien only in the debtor’s economic right to distributions, and whoever ends up owning that interest merely takes that right without more.
Pre-Foreclosure
Tax Implications to the Creditor
After the issuance of a charging order, the creditor becomes a mere lienholder of the debtor’s economic right to distributions—no more, no less.[3] As such, the creditor will treat the cash received as a result of the charging order lien no differently than other money the creditor might receive as a result of other collection efforts. In other words, if the creditor would be taxed on the money that it receives through other collection efforts (such as arising from an action sounding in contract), then it will be taxed on the money that it receives pursuant to a charging order as well. Conversely, if the creditor would not pay tax on the money that it receives (such as from a personal injury award), then it should not be taxed on the charging order money either.
As a mere lienholder, the creditor in the preforeclosure stage is not an “assignee” of the interest for tax purposes and therefore for tax purposes is not treated as a partner. As discussed further below, this treatment will change if the creditor obtains the debtor’s interest through foreclosure.
It is not uncommon in charging order proceedings, however, for the entity or the judgment-debtor to attempt to treat the judgment-creditor as a partner for tax purposes preforeclosure, and to send the creditor a K-1 for the moneys that the creditor received pursuant to the charging order. In such an event, the creditor must take action to advise the IRS that the K-1 has not been properly issued to it.
Tax Implications to the Debtor
For the debtor in the preforeclosure phase, the debtor remains the partner for tax purposes and remains responsible for his or her allocated share of the entity’s tax items, including income and gain, even if he or she never receives a distribution, it being diverted to the judgment-creditor by the charging order.[4] It is the debtor who properly receives the K-1 showing the allocation of income from the LLC and is responsible for the tax liability generated thereby.[5]
Even as the debtor recognizes the allocated portion of the LLC’s income and other tax items, in certain circumstances the judgment-debtor may also have a deduction in the amount diverted to the creditor consequent to the charging order.
Tax Reporting Implications for the Entity
At the preforeclosure stage, the entity essentially takes no notice of the creditor for tax purposes and continues to issue K-1s to the debtor in the normal course, even though distributions are redirected to the creditor. At this stage, the entity must reject the almost-inevitable entreaties by the debtor that the K-1 be issued to the creditor; issuing the K-1 to the creditor would be improper.
Post-Foreclosure
Tax Implications to the Creditor
The foreclosure of the interest presumably will result in a cash payment to the creditor (otherwise, as discussed in Chapter 18 relating to foreclosures, there really is little incentive to even seek foreclosure in the first place). The cash payment received by the creditor should be treated for tax purposes as any other payment received from the debtor, i.e., it may or may not be taxable to the creditor because of the nature of the underlying dispute, but that has nothing to do with the charging order or foreclosure.
While there is essentially no guidance specifically with respect to the foreclosure of a charging order, the creditor should undertake a careful analysis before making a credit bid at a foreclosure sale. For example, if the credit bid is below market, is there a non-taxable bargain purchase? If the LLC has made a Code § 754 election, how will that apply? The creditor should consider Form 1099 reporting obligations with respect to the receipt of the foreclosure proceeds. Also, a creditor purchasing at a foreclosure sale, whether pursuant to a credit bid or otherwise, should consider in advance the implications of a subsequent sale of the interest at fair market value.
Tax Implications to the Purchaser
The purchaser is the winning bidder at the judicial sale, which takes place as part of the foreclosure of the creditor’s charging order lien on the debtor’s interest. The purchaser may be the creditor (who can make a “credit bid” of part or all of the outstanding judgment, or pay in cash like any other bidder), or it can be some third-party buyer at the judicial sale who pays cash.
Regardless, the purchaser at the judicial sale becomes an “assignee” of the debtor’s now-former interest. As an assignee of the interest, the purchaser effectively becomes a partner of the entity for tax purposes, and this is so even though the purchaser is simply taking the debtor’s economic rights to distributions but does not take any other rights, such as voting or management rights.[6] The upshot is that the purchaser at the judicial sale should thereafter receive a K-1 for taxable distributions from the entity so long as the purchaser holds that interest.
Tax Implications to the Debtor
Presumably, the foreclosure will as to the debtor be treated as a sale of a partnership interest, with the debtor recognizing gain or loss, and being treated as having surrendered the sale proceeds to the creditor in either partial or full satisfaction of the underlying judgment, with the tax treatment thereof the equivalent to any payment the debtor might make to the creditor of funds generated other than from the LLC and the charged interest.
Given that the judicial sale has the effect of entirely severing the debtor’s economic interest in the entity, the debtor should from that date no longer receive any allocation of entity tax items (income, gain, loss, deduction, or credit).
In considering the tax implications of the foreclosure, the debtor should consider a variety of factors, including his/her/its basis in its interest, the deemed treatment of the proceeds of the foreclosure sale, and the deemed distribution to the debtor resulting from the reduction in the debtor’s share of the LLC’s liabilities.
Tax Reporting Implications for the Entity
As noted, following the judicial sale, it is the purchaser of the interest who is treated as a partner for tax purposes. The entity should therefore provide the purchaser with a K-1 reflecting appropriate tax allocations from that date forward. Correspondingly, the debtor should no longer receive tax allocations from that date, nor receive a K-1 for the post-judicial sale period.
The tax treatment of charging orders is among the myriad of procedural and substantive issues that confront LLC planners and litigators alike. This chapter is excerpted from the newly released Charging Orders Practice Guide, which discusses the most common such issues and their solutions.
[1]. For these purposes, it is assumed that the LLC in question is, for purposes of federal tax classification regulations, a “partnership” and not a “disregarded entity” or a “corporation.”
[2]. See also Thomas E. Rutledge & Sarah Sloan Wilson (now Sarah Sloan Reeves), An Examination of the Charging Order Under Kentucky’s LLC and Partnership Acts (Part II), 99 Ky. L.J. 107, 108–13 (2010–11).
[3]. See Ky. Rev. Stat. Ann. § 275.260(3) (charging order is not an assignment); accord § 362.285(4) (KyUPA); § 362.481(3) (KyRULPA); § 362.1-504(4) (KyRUPA); § 362.2-703(3) (KyULPA).
[4]. See GCM 36960 (1977), Rev. Rul. 77-137, 1977-1 C.B. 178; see also Treas. Reg. § 1.704-1(e)(2)(ix); Robert R. Keatinge, Transfers of Partnership and LLC Interests-Assignees, Transferees, Creditors, Heirs, Donees, and Other Successors in Proceedings of the 32nd Annual Philip E. Heckerling Institute on Estate Planning (1998), at § 504.3; Priv. Ltr. Rul. 8434047 (where assignee of interests in limited partnership may vote and in so voting bind assignor to vote in accordance thereto, and assignees are otherwise granted rights to information, assignee treated as a “partner” for purposes of the Code); Priv. Ltr. Rul. 8440081.
[5]. See also Keatinge, supra note Ch.27, fn. 4. (“Where the charging order is similar to a garnishment, the debtor/partner will probably be treated as the partner, required to include the distributive share of income and loss and entitled to a deduction if the payment of the judgment would give rise to a deduction.”); Christopher M. Riser, Tax Consequences of Charging Orders, 1 Asset Protection J. 14 (Winter 2000); Carter G. Bishop & Daniel S. Kleinberger, Limited Liability Companies-Tax and Business Law ¶ 8.07[1][a][ii].
[6]. Rev. Rul. 77-137, 1977-1 C.B. 178. See also Rev. Rul. 77-332, 1977-2 C.B. 483 (discussing non-CPAs in accounting firms who for state law purposes are not partners but who are partners for tax purposes). Assuming the foreclosure sale takes place during the LLC’s/partnership’s tax year, there will be issues as to how tax items are allocated over the course of that year between the judgment-debtor and the acquirer by foreclosure. The treatment of the debtor’s right to participate in the venture’s management is as provided for in the controlling agreement and organizational act.
A “pro-sandbagging” clause is a provision in an acquisition agreement in which the seller of a company agrees that the buyer’s knowledge prior to the closing will not affect the buyer’s ability to bring a claim against the seller after the closing.[1] Typically, the pro-sandbagging clause is limited to the buyer’s potential indemnification claim if any of the contractual representations and warranties are inaccurate.[2] For example, a pro-sandbagging clause might read:
Buyer’s right to indemnification for any representations, warranties, or covenants within this acquisition agreement shall not be affected by any inspection, investigation, or knowledge acquired by Buyer (or that could have been acquired by Buyer).[3]
In cases where, prior to closing, the buyer has actual or constructive knowledge that a representation or warranty is inaccurate, this clause allows the buyer to complete the acquisition and then seek indemnification for the inaccurate representation or warranty after the closing (thereby “sandbagging” the seller).[4]
In some cases, however, the pro-sandbagging clause may be broader and not limited solely to an indemnification claim or the contractual representations and warranties. For example, the clause might read:
Buyer’s rights and remedies related to any representations, warranties, or covenants made by the Seller or the Acquisition Company shall not be affected by any inspection, investigation, or knowledge acquired by Buyer (or that could have been acquired by Buyer).
On its face, this provision includes all rights and remedies related to any representations made by the sellers or the acquisition company (including extra-contractual representations).[5] As a result, a buyer may attempt to apply this provision when bringing a fraud claim related to representations made by the seller or the acquisition company, including representations made outside of the contract. This article analyzes whether such a broad pro-sandbagging provision could allow a buyer to bring a post-closing fraud claim where, prior to the closing, the buyer had actual or constructive knowledge that the representation was actually or potentially false. In other words, can a pro-sandbagging clause negate an essential element of a fraud claim (i.e., reasonable reliance)?
I. Why Would a Buyer Want to Apply a Pro-Sandbagging Clause to a Fraud Claim?
The application of a pro-sandbagging clause typically arises in the context of a contractual indemnification claim. Still, there are two important situations where a buyer might attempt to apply a broad pro-sandbagging clause to a fraud claim. One situation is where a buyer is trying to avoid a contractual limitation on the amount of damages that it can recover for an indemnification claim. The other situation is where the buyer seeks damages based on extra-contractual representations by the seller.
First, many acquisition agreements include limitations on the sellers’ potential liability for indemnification claims. The seller will often agree to indemnify the buyer for losses caused by inaccurate representations and warranties, but only up to a certain capped amount.[6] In these situations, a buyer would not be able to recover damages greater than the capped amount under an indemnification claim. Notwithstanding these provisions, some states (including Delaware) hold that parties cannot contractually limit the seller’s liability for fraud.[7] These states reason that immunizing fraud is so against public policy that the court will ignore the parties’ contractual limitation on liability for a valid fraud claim.[8] Thus, a buyer may prefer to pursue a fraud claim over (or in addition to) an indemnification claim to avoid a contractual limitations cap on the damages that the buyer can recover. In such a situation, the buyer’s fraud claims would be significantly stronger if it could apply a pro-sandbagging clause to avoid any dispute about what, if any, knowledge the buyer acquired (or could have acquired) during the due diligence process.
Second, a buyer may want to pursue a fraud claim when the allegedly false statement is not included among the contractual representations and warranties in the acquisition agreement. Such extra-contractual statements may be actionable, provided that the acquisition agreement does not include an integration and/or a “nonreliance” provision.[9] Again, the buyer’s fraud claim is stronger if it can apply a pro-sandbagging clause to avoid any argument regarding the buyer’s actual or constructive knowledge regarding the accuracy of the seller’s extra-contractual representation.
II. The Common Law Regarding Sandbagging
Before considering the potential application of a pro-sandbagging provision to a fraud claim, it is important to understand different jurisdictions’ default law regarding “sandbagging” in contractual indemnification claims and the rationale for the common law.
A. The Modern Rule
Even absent an explicit pro-sandbagging provision, many jurisdictions follow the “modern rule,” which permits a buyer to bring an indemnification claim for inaccurate representations and warranties, regardless of the buyer’s knowledge of the inaccuracies prior to the closing. These courts hold that the representations and warranties are negotiated contractual obligations upon which the buyer had the right to rely.[11] The buyer is deemed to have purchased the seller’s promise that the company will meet the representations and warranties, and the seller may not avoid that promise just because the buyer has doubts (or even actual or constructive knowledge) regarding the accuracy or inaccuracy of the representations.[12] Indeed, where the buyer has reason to doubt the accuracy of the representation, the seller’s promise may be the most important.[13] The buyer wants to be certain that if the representation or warranty is not accurate, then the seller will bear any related losses, not the buyer. Among the states following the modern rule are Delaware, New York, Illinois, Florida, Connecticut, and Indiana.[14]
B. The Traditional Rule
Other states still follow the “traditional rule,” which is grounded in tort rather than contract law principles.[15] Under the traditional rule, a buyer must prove reliance on the representation or warranty as an element of the indemnification claim.[16] In these states, the contractual indemnification claims are similar to fraud claims, with reasonable reliance being a necessary element. The leading states that require a plaintiff prove reliance for a contractual indemnification claim include California, Kansas, Minnesota, and Texas.[17]
III. The Potential Application of a Pro-Sandbagging Provision on a Fraud Claim
In nearly every state, in order to prove a fraud claim, the buyer must show that it “reasonably relied” on the alleged fraudulent representation.[18] Under normal circumstances, a plaintiff cannot reasonably rely on a misstatement if the plaintiff knew that the statement was false.[19] Indeed, in some jurisdictions, a plaintiff cannot prove reasonable reliance if it merely had reason to doubt the representation.[20] Thus, the question will be whether a pro-sandbagging clause can negate the reasonable reliance element of a fraud claim.
A. The Seller’s Argument
A seller defending a fraud claim will likely argue that the buyer did not reasonably rely on the alleged representation because the buyer acquired knowledge during due diligence which caused (or should have caused) the buyer to doubt the alleged representation.[21] The seller will argue that a buyer cannot “reasonably rely” on a representation if the buyer discovered contradictory information during the due diligence process.[22] The seller will claim it would be “unreasonable” for the buyer to rely on a representation that the buyer’s own due diligence gave it reason to doubt. The seller also may argue that the buyer has no “right to rely” on information that it should have discovered as part of its due diligence.[24]
Where the acquisition agreement contains a broad pro-sandbagging clause, the seller may still argue that the buyer’s actions undermine any allegation that the buyer actually relied on the representation. The seller may argue that if the buyer were truly relying on a representation that the buyer had reason to question, the buyer would have negotiated an express representation or warranty into the contract.[25] The seller will likely argue that the buyer would not leave a representation on which it was truly relying outside of the contract, especially where the buyer had reason to believe that the representation might not be accurate.[26] If the buyer really were relying on the information—and not just trying to “trick” the seller—the buyer would have negotiated a contractual representation and warranty; it would not have risked the enforcement of the representation by relying solely on a broad pro-sandbagging clause.
B. The Buyer’s Argument
The buyer, on the other hand, will argue that its knowledge is not relevant to its fraud claim because of the broad pro-sandbagging clause. Indeed, the buyer may argue that the pro-sandbagging provision is exactly why it relied on the seller’s representations. In other words, notwithstanding the information it uncovered during due diligence, the buyer believed it could reasonably rely on the seller’s representations precisely because it had a broad pro-sandbagging provision in the acquisition agreement to protect it.
One case that the buyer may cite in support of its argument is Cobalt Operating, LLC v. James Crystal Enters.[27] In Cobalt, the buyer brought fraud and breach of contract claims against the seller for providing false financial information. The seller argued that the buyer could not prove that the buyer reasonably relied upon the false representations because the buyer’s due diligence uncovered the same information. The Cobalt court rejected the seller’s argument and held that the buyer satisfied its burden to show justifiable reliance for a fraud claim, in part, based on certain contractual provisions (including a pro-sandbagging clause) that promised the buyer could rely on the seller’s representations.[28]
First, the court held that the buyer could rely on the seller’s representations to support its fraud claim because the acquisition agreement contained an express and unqualified representation regarding the material accuracy of the acquisition company’s financial statements and its compliance with the law.[29] The court held that this contractual representation also supported the buyer’s justifiable reliance for its fraud claim.[30]
Second, Cobalt cited the contract’s pro-sandbagging provision, which stated, “no inspection or investigation made by or on behalf of [buyer] or [buyer’s] failure to make any inspection or investigation shall affect [the seller’s] representations, warranties, and covenants hereunder or be deemed to constitute a waiver of any of those representations, warranties, or covenants.”[31] Although this pro-sandbagging provision covered only representations within the acquisition agreement, the court held that “[h]aving contractually promised [the buyer] that it could rely on certain representations, [the seller] is in no position to contend that [the buyer] was unreasonable in relying on [the seller’s] own binding words.”[32]
Although the court did not explicitly address the effect of the pro-sandbagging clause on the buyer’s fraud claim, a buyer will likely cite Cobalt as holding that a contractual provision (i.e., the representation regarding material accuracy of the financial statement) can support the reasonable reliance element of a fraud claim. A buyer will similarly argue that it reasonably relied on the contractual pro-sandbagging provision when it accepted the seller’s extracontractual statements.[33]
In addition to Cobalt, a buyer may point to California law and the “traditional” common law rule as evidence that a broad pro-sandbagging provision can negate the “reasonable reliance” element of a fraud claim. As discussed above, a buyer cannot under California common law bring a claim for breach of an express warranty if the buyer had knowledge that the representation was false.[34] The buyer must show that it reasonably relied on the representation (even an express representation in contract).[35] In this way, an indemnification claim in California is the same as a fraud claim in other states; the buyer must prove reliance as an element of both claims.
Notwithstanding this general rule, California courts have held that a contractually negotiated pro-sandbagging provision can override the “reasonable reliance” element for an indemnification claim. In Telephia, Inc. v. Cuppy, the court cited the language of two pro-sandbagging provisions in an asset purchase agreement.[36] One of these provisions stated: “[n]o investigation made by or on behalf of the [buyer] with respect to the [acquisition company or its shareholders] shall be deemed to affect the [buyer’s] reliance on the representations, warranties, covenants, and agreements made by [the acquisition company].”[37] Telephia held that this provision was clear; the seller must be held accountable to the warranties in the acquisition agreement regardless of the buyer’s reliance on those warranties.[38] Based on Telephia, a buyer might argue that a similar pro-sandbagging provision also could override the “reasonable reliance” element for a fraud claim, just like it overrode California’s reliance requirement for an indemnification claim.
IV. Conclusion
As discussed herein, there are arguments on both the buyer’s and seller’s sides regarding whether a broad pro-sandbagging provision can be applied to avoid the “reasonable reliance” element of a fraud claim. Thus, to the extent that a buyer insists on negotiating a pro-sandbagging provision in an acquisition agreement, the seller should seek to draft the provision as narrowly as possible. To avoid these issues, a seller should include explicit language (i) limiting the pro-sandbagging clause solely to indemnification provisions and contractual representations and warranties, and (ii) excluding its application to any fraud claims and/or extracontractual representations.
[1]See Aleksandra Miziolek & Dimitrios Angelakos, SANDBAGGING, From Poker to the World of Mergers and Acquisitions, 92 Mich. B.J. 30 (June 2013).
[2]See id. (“A pro-sandbagging provision renders a buyer’s pre-closing knowledge of a breach of a seller’s warranty . . . irrelevant to its claims for indemnification for such breach.”).
[N]o inspection or investigation made by or on behalf of [Buyer] or [Buyer’s] failure to make any inspection or investigation shall affect [Seller’s] representations, warranties, and covenants hereunder or be deemed to constitute a waiver of any of those representations, warranties, or covenants.
Cobalt Operating, LLC v. James Crystal Enters., 2007 WL 2142926, at *28 (Del. Ch. April 25, 2007) (citing section 9.2 of the relevant asset purchase agreement);
No information or knowledge obtained in any investigation . . . shall affect or be deemed to modify any representation or warranty contained in this Agreement. . . .
Telephia, Inc. v. Cuppy, 411 F. Supp. 2d 1178, 1188 (N.D. Ca. 2006) (citing section 6.1 of the relevant stock purchase agreement);
No investigation made by or on behalf of the [Buyer] with respect to the [Acquisition Company or its Shareholders] shall be deemed to affect the [Buyer’s] reliance on the representations, warranties, covenants, and agreements made by [the Acquisition Company].
Id. (citing section 10.1 of the relevant stock purchase agreement); and
Every . . . warranty . . . set forth in this Agreement and . . . the rights and remedies . . . for any one or more breaches of this Agreement by Sellers shall . . . not be deemed waived by the Closing and shall be effective regardless of any . . . prior knowledge by or on the part of the Purchaser.
Pegasus Mgmt. Co. v. Lyssa, Inc., 995 F. Supp. 29, 38 (D. Ma. 1998) (citing Section 9.1 of the relevant asset purchase agreement).
[4]See Miziolek & Angelakos, supra note 1, at 30 (“under certain circumstances, a buyer who has knowledge of the inaccuracy of a seller’s warranty may decide that it is more advantageous to sandbag the seller and try to recover on a breach of warranty claim after the closing of the transaction.”); Glenn D. West & Kim M. Shah, Debunking the Myth of the Sandbagging Buyer: When Sellers Ask Buyers to Agree to Anti-Sandbagging Clauses, Who Is Sandbagging Whom?, 11 The M&A Law. 3 (Jan. 2007) (“Rather than being forced to choose between negotiating a price concession or terminating or attempting to terminate the deal . . .the buyer may simply wish to enforce the benefit of the bargain it made by choosing to close the transaction and seek indemnification based upon the specific, contractual representations and warranties it negotiated with the sellers.”); see also Luke P. Iovine III, Sandbagging in M&A Deals: Silence May Not Be Golden, 16 The M&A Law. 10 (Nov/Dec 2012); Charles K. Whitehead, Sandbagging: Default Rules and Acquisition Agreements, 36 Del. J. Corp. L. 1081, 1082–83 (2011).
[5] Even the ABA’s model pro-sandbagging provision could be interpreted to include (i) fraud claims and (ii) extra-contractual representations, and may not be limited solely to contractual indemnification claims. The ABA’s model provision provides:
The right to indemnification, payment, reimbursement, or other remedy based upon any such representation, warranty, covenant, or obligation will not be affected by any investigation (including any environmental investigation or assessment) conducted or any Knowledge acquired at any time, whether before or after the execution and delivery of this Agreement or the Closing Date, with respect to the accuracy or inaccuracy of, or compliance with, such representation, warranty, covenant, or obligation.
See Whitehead, supra note 4, at 1087, n.19 (citing ABA Mergers & Acquisitions Comm., Model Stock Purchase Agreement with Commentary 299 (2d ed. 2010)) (emphasis added); see also Miziolek & Angelakos, supra note 1, at 30 (citing same).
[7]See, e.g., Abry Partners V, L.P. v. F&W Acquisition LLC, 891 A.2d 1032, 1064 (Ch. Del. 2006) (holding that exclusive remedy and limitation-on-liability provisions in a stock purchase agreement could not limit the seller’s exposure for claims of fraud under Delaware public policy).
[9] See, e.g., id. at 1059 (holding that in order to bar a fraud claim for an extra-contractual statement, an integration clause must contain language that shows a clear anti-reliance clause by which the plaintiff has contractually promised that it did not rely upon statements outside of the contract’s four corners in deciding to sign the contract); IAC Search, LLC v. Conversant LLC, 2016 WL 6995363, at *6 (Del. Ch. Nov. 30, 2016) (holding that there are no magic words to disclaim reliance, but that an anti-reliance clause must come from the point of view of the buyer asserting fraud and cannot be simply an assertion by the seller of what it was and was not representing and warranting); West & Shah, supra note 4, at 3–4.
[10]See, e.g., Charles K. Whitehead, Sandbagging: Default Rules and Acquisition Agreements, 36 Del. J. Corp. L. 1081, 1084–85, Appendix A, 1108–14 (2011); Brandon Cole, 42 J. Corp. L. 445, 448–49.
[11]See CBS, Inc. v. Ziff-Davis Publ’g Co., 553 N.E.2d 997, 1000–01 (N.Y. 1990) (“The critical question is not whether the buyer believed the truth of the warranted information . . . but whether it believed it was purchasing the seller’s promise as to the truth.”).
[12]Id. at 1001 (“the fact that the buyer has questioned the seller’s ability to perform as promised should not relieve the seller of his obligations under the express warranties when he thereafter undertakes to render the promised performance.”).
[13]See Universal Enterprise Group, L.P. et al. v. Duncan Petroleum Corp. et al., 2013 WL 3353743, at *15 (Del. Ch. July 1, 2013) (noting that after the buyer discovered evidence that caused it to question some of the seller’s representations, the buyer renegotiated the acquisition agreement to expressly allocate the risk to the seller).
[14]See Whitehead, supra note 10, at 1108–14, Appendix A, 1108–14; Cole, supra note 10, at 449.
[15]See Whitehead, supra note 10, at 1084, Appendix A, 1114–15.
[21] The strength of the seller’s defense also may turn on what information the buyer allegedly discovered during due diligence and exactly how it relates to the alleged fraudulent representation. See Ainger v. Michigan Gen. Corp., 476 F. Supp. 1209, 1229 (S.D.N.Y. 1979) (holding that the buyer could bring a fraud claim against the seller, even though the buyer was informed prior to closing that the acquisition company did not have a contract vesting it with ownership in a book series, because the seller actively prevented the buyer from discovering that the author had affirmatively asserted a claim to the book series).
[22]See Universal Enterprise Group, 2013 WL 3353743, at *15 (dismissing a buyer’s fraud claim because the buyer discovered evidence during due diligence that called into question the allegedly fraudulent representation); see also 37 Am. Jur. 2d Fraud & Deceit § 231 (“Reliance cannot be deemed reasonable for purposes of a claim for fraud . . . when minimal investigation would have revealed the truth, or when the plaintiff closes its eyes and passively accepts the contradictions that exist in the information available to it.”).
[23]Id. at 14 (“a party who gains actual knowledge of the falsity of a representation, structures a contract to address the risk of loss associated with the false representation, and proceeds to closing cannot claim justifiable reliance.”); see also 37 Am. Jur. 2d Fraud & Deceit § 231 (“In some jurisdictions, if a fraud plaintiff even has reasons to doubt the truth of a representation, reliance is not reasonable.”).
[24]See Doral Money, Inc. v. HNC Prop., LLC, 2014 WL 5791574, at *7 (D. Or. Nov. 6, 2014) (holding that the buyer failed to prove the “right-to-rely” element of a fraud counterclaim because the buyer “cannot fail to conduct due diligence before entering into an arm’s-length business transaction and then bring a claim for fraud against the other party to the transaction for allegedly misrepresenting facts that the sophisticated business could and should have discovered on its own.”); MAFG Art Fund, LLC v. Gagosian, 123 A.D.3d 458, 459 (N.Y. App. Div. 2014) (holding that, as a matter of law, a sophisticated buyer cannot demonstrate reasonable reliance when they conduct no due diligence); see also 37 Am. Jur. 2d Fraud & Deceit § 231 (“Reliance cannot be deemed reasonable for purposes of a claim for fraud . . . when minimal investigation would have revealed the truth . . . .”).
[25]See Universal Enterprise Group, 2013 WL 3353743, at *15 (recognizing that the buyer treated the seller’s alleged fraudulent representation with “healthy skepticism” and went forward with the acquisition only after renegotiating the contract to expressly allocate the risk to the seller that the representation was false).
[26] For contractual representations and warranties, the seller may argue that a fraud claim cannot be based entirely on a breach of the terms of a contract. In re Bracket Holding Corp. Lit., 2017 WL 3283169, at *8 (Del. Super. Ct. July 31, 2017) (“Under Delaware law, a plaintiff may claim fraud ‘based on representations found in a contract,’ but ‘where an action is based entirely on a breach of the terms of a contract between the parties, and not on a violation of an independent duty imposed by law, a plaintiff must sue in contract and not in tort.’” (quoting ITW Glob. Invs. Inc. v. Am. Indus. P’rs Capital Fund IV, L.P., 2015 WL 390908, at *6 (Del. Super. Ct. June 24, 2015))).
[30]Id. The court distinguished Homan v. Turoczy, 2005 WL 2000756 (Del. Ch. 2005), which held that a buyer could not establish justifiable reliance necessary to recover for fraud or equitable fraud where the buyer proceeded to closing in a commercially unreasonable manner, failed to conduct any meaningful due diligence, and signed an express anti-reliance clause stating that he was not relying on the statements that he later claimed to be false.
[33] The seller may argue that Cobalt is distinguishable because the allegedly fraudulent representation was an express and unqualified representation within the acquisition agreement (i.e., the representation regarding the material accuracy of the acquisition company’s financial statements and its compliance with the law) and not an extracontractual statement.
[34]See, e.g., Kazerouni v. De Satnick, 228 Cal. App. 871, 872–73 (Cal. App. 1991).
[36]See Telephia, Inc. v. Cuppy, 411 F. Supp. 2d at 1188 (holding that the buyer was not required to prove reliance on written warranties based on the pro-sandbagging provision in the parties’ acquisition agreement).
[37]Id. (citing section 10.2 of the stock purchase agreement).
[38]Id. (“Although the defendants argue that it would be ‘condoning a fraud’ to allow [the buyer] to enforce warranties that it knew to be false, the Court finds it no stranger a result than to interpret the [acquisition agreement] in a manner that results in [the buyer] having insisted on a toothless provision.”)
On Friday, June 22, 2018, the Supreme Court issued its much-anticipated opinion in Carpenter v. United States, 585 U.S. __ (2018), and declared a Fourth Amendment privacy right for cell phone location data. Seeing how “seismic shifts” in technology have altered our conceptions of privacy, the court revised its long-held “reasonable expectation of privacy” test and ruled that police obtaining cell site location information (CSLI) records from a person’s cell phone service provider constitutes a Fourth Amendment “search” requiring a warrant.
The case involved a string of nine robberies in Michigan and Ohio. One man arrested early on for several of these robberies confessed to the crime spree and identified a number of accomplices, giving the police their cell phone numbers. The police then obtained court orders under section 2703(d) of the Stored Communications Act (SCA) to require their cell phone service providers to share historical CSLI records for these cell phones from the four-month period of the robberies. (Section 2703(d) enables the government to seek a court order requiring disclosure of certain “noncontent” business records from an electronic communications service provider upon presenting “specific and articulable facts showing that there are reasonable grounds to believe that . . . the records or other information sought[] are relevant and material to an ongoing criminal investigation.” 18 U.S.C. § 2703(d).) In general, cell phone service providers maintain a vast network of towers with sensors mounted on top (usually three sensors forming a triangle) that send and receive radio signals to and from people’s cell phones when they make or receive calls, text messages, or otherwise transmit data over the cellular network. The providers maintain a record of which tower and sensor—or “cell site”—was used whenever a cell phone makes or receives a call or text message. By analyzing such business records, the police can infer the approximate location of the cell phone at the time of the call or text message. In the Carpenter case, the historical CSLI records obtained by the police indicated that Carpenter’s cell phone was near four of the charged robberies when they were committed. He was convicted of multiple robbery charges following a trial and then appealed.
Writing for the court, Chief Justice Roberts reasoned that CSLI records do not “fit neatly under existing precedents” and instead lie at the “intersection of two lines of cases” about the scope of a person’s reasonable expectation of privacy protected by the Fourth Amendment. Id. at *7. On one hand, there is the third-party doctrine established by Smith v. Maryland, 442 U.S. 735 (1979) (no reasonable expectation of privacy in records of dialed telephone numbers held by a telephone company) and United States v. Miller, 425 U.S. 435 (1976) (no reasonable expectation of privacy in financial records held by a bank). Under that doctrine, “‘a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties,’” id. at *9 (quoting Smith, 442 U.S. at 743–44), and “[t]hat remains true ‘even if the information is revealed on the assumption that it will be used only for a limited purpose,’” id. (quoting Miller, 425 U.S. at 443).
On the other hand, there are the court’s cases about police use of “sophisticated technology” to track the location and movements of a vehicle, including United States v. Knotts, 460 U.S. 276 (1983) (use of a beeper hidden inside a barrel of chemicals sold to the suspect to help police conduct aerial surveillance of his vehicle) and United States v. Jones, 565 U.S. 400 (2012) (covert installation of a GPS tracking device on a suspect’s vehicle that enabled police to remotely monitor its movements for 28 days). These decisions address what Chief Justice Roberts called “a person’s expectation of privacy in his physical location and movements.” Carpenter at *7. Although finding no Fourth Amendment violation in Knotts because generally a vehicle’s public movements implicate no privacy interest, the court specifically reserved the question of whether “different constitutional principles may be applicable” if “twenty-four hour surveillance of any citizen of this country [were] possible.” Knotts, 460 U.S. at 283–84. More recently, although the Fourth Amendment violation found by the Jones decision was premised on the act of trespass when police installed the GPS tracking device, five concurring Justices agreed that “‘longer term GPS monitoring in investigations of most offenses impinges on expectations of privacy’—regardless whether those movements were disclosed to the public at large.” Carpenter at *8 (quoting Jones, 565 U.S. at 430 (Alito, J., concurring); Jones, 565 U.S. at 415 (Sotomayor, J., concurring)).
In the face of these two competing lines of cases, the court elected to continue down the path indicated by the Jones concurring opinions, declaring, “[w]hether the Government employs its own surveillance technology as in Jones or leverages the technology of a wireless carrier, we hold that an individual maintains a legitimate expectation of privacy in the record of his physical movements as captured through CSLI.” Carpenter at *11. The court noted that after the Jones decision, five Justices had “already recognized that individuals have a reasonable expectation of privacy in the whole of their physical movements.” Id. at *12. In the Carpenter decision, the court simply adopted their reasoning about long-term GPS monitoring—namely, that such precise and lengthy location monitoring contravenes society’s expectations about the degree of physical surveillance to be expected from law enforcement, and that such comprehensive location records can uncover a person’s most private affairs. “As with GPS information,” the court explained, “the time-stamped [CSLI] data provides an intimate window into a person’s life, revealing not only his particular movements, but through them his ‘familial, political, professional, religious, and sexual associations.’” Id. at *12 (quoting Jones, 565 U.S. at 415 (Sotomayor, J., concurring)).
Finally, Carpenter distinguished the third-party doctrine from Smith and Miller by emphasizing “the deeply revealing nature of CSLI, its depth, breadth, and comprehensive reach, and the inescapable and automatic nature of its collection.” Id. at *22. On this last point, the court reasoned that CSLI records “[are] not truly ‘shared’ as one normally understands the term” because they are generated “by dint of [the cell phone’s] operation, without any affirmative act on the part of the user beyond powering up,” and now “cell phones and the services they provide are ‘such a pervasive and insistent part of daily life’ that carrying one is indispensable to participation in modern society.” Id. at *17 (quoting Riley v. California, 134 S. Ct. 2473, 2484 (2014)). The court added: “After all, when Smith was decided in 1979, few could have imagined a society in which a phone goes wherever its owner goes, conveying to the wireless carrier not just dialed digits, but a detailed and comprehensive record of the person’s movements.” Id. at *11.
Chief Justice Roberts’s majority opinion claims that “[o]ur decision today is a narrow one” relating only to historical CSLI records. Id. at *17. However, the implications of this decision are manifold and far-reaching. Whereas previously this line of cases consisted of Knotts dicta and Jones concurring opinions, now the court has firmly declared that “individuals have a reasonable expectation of privacy in the whole of their physical movements” that will be protected from police intrusion by the Fourth Amendment. Id. at *12. In addition, whereas the Jones concurrence focused on “longer term GPS monitoring,” the Carpenter decision provided no clear guidance on the duration of the time period of cell phone location data that is protected by this Fourth Amendment right. What is more, the court applied its ruling to historical CSLI records that had been originally collected and maintained by a private company for its own commercial purposes. Before now, private surveillance or data collection (even unlawful wiretapping) that had not been conducted at the government’s behest was considered to be beyond the scope of the Fourth Amendment, which applies only to government searches and seizures. See United States v. Jacobsen, 466 U.S. 109, 113–14 (1984). Thus, Carpenter disrupted more than just the third-party doctrine of Smith and Miller.
Ultimately, Carpenter may have even greater implications for Fourth Amendment jurisprudence. In the seminal decision of Katz v. United States, 389 U.S. 347 (1967), the court overruled earlier case law that limited Fourth Amendment protection to police trespassing upon one’s property, and declared that the Fourth Amendment also protects a person’s reasonable expectation of privacy. In what became settled law, this “expectation of privacy” test required “that a person has exhibited an actual (subjective) expectation of privacy . . . that society is prepared to recognize as ‘reasonable.’” Id. at 361 (Harlan, J., concurring). At a basic level, this involved “draw[ing] a line between what a person keeps to himself and what he shares with others.” Carpenter at *9. Although the Carpenter court invoked the Katz test as always, its decision actually moved away from this classic analysis and embarked upon a different approach to the scope of the Fourth Amendment. Under Carpenter, the test is not “reasonable expectation of privacy” as such, but instead “reasonable expectation of privacy from the Government.” The touchstone is not protecting “what [one] seeks to preserve as private,” Katz, 389 U.S. at 351, but instead “‘plac[ing] obstacles in the way of a too permeating police surveillance.’” Carpenter at *6 (quoting United States v. Di Re, 332 U.S. 581, 595 (1948)). Curiously, when examining the expected privacy of CSLI records, the Carpenter Court did not address Section 2702(c)(6).
Another key feature of Carpenter is how the court grapples with the technological and social changes of modern society. As observed in Justice Kennedy’s dissenting opinion, “[cell phone service] providers contract with their customers to collect and keep these [CSLI] records because they are valuable to the providers . . . [who] aggregate the records and sell them to third parties along with other information gleaned from cell phone usage.” Id. at *5 (Kennedy, J., dissenting). Likewise, customers routinely agree to share with private companies their GPS location data, web browsing habits, social networking communications, and all manner of sensitive personal data when using online services and connected devices. In such a world where personal information has become a proliferating commodity that is widely shared and utilized in the digital economy, the classic “reasonable expectation of privacy” test requiring actual privacy would, in the end, chip away at the Fourth Amendment as a bulwark against unfettered police surveillance. In this context, the Carpenter decision makes sense and may represent the future of the Fourth Amendment.
Notably, Congress had already drawn a similar line in the SCA, 18 U.S.C. §§ 2701 et seq., which was part of the Electronic Communications Privacy Act of 1986 responding to the Smith decision. Section 2702(c)(6) expressly authorizes cell phone and other electronic communication service providers to disclose non-content business records such as CSLI “to any person other than a governmental entity,” who alone must obtain court authorization under Section 2703. 18 U.S.C. § 2702(c)(6).
Stockholders must ordinarily make a demand on their board of directors before initiating litigation on the corporation’s behalf. But the litigation consequences of a stockholder demand—a binding concession of the board’s ability to impartially consider a demand—are so harsh in the ensuing litigation that stockholders rarely choose that path. The demand requirement is thus falling short of its promise as an internal dispute resolution mechanism. If, as we suggest, stockholders typically avoid making a demand and instead prefer to initiate litigation and raise demand futility arguments, no matter how weak, they deprive independent boards of the opportunity to consider the merits of potential litigation outside the courtroom. We propose a private-ordering solution, in which stockholders and boards can agree, if they choose, to reserve rights on demand futility arguments while a demand review process is undertaken. This would allow boards to engage with stockholders in the review process, and would replace some demand futility litigation with boardroom deliberation, thereby restoring the internal dispute resolution function to the demand requirement.
I. INTRODUCTION
Stockholder derivative litigation follows a familiar path. The plaintiff files a complaint, alleging that demand is futile. The defendants move to dismiss under Court of Chancery Rule 23.1,1 arguing that the plaintiff failed to make a demand on the board of directors to bring the suit on behalf of the corporation. The motion is usually coupled with a motion to dismiss under Rule 12(b)(6)2 for failure to state a claim. If the Court of Chancery grants the motion to dismiss on either ground, the matter ends. If the Court of Chancery denies the motion, then the parties litigate or propose a settlement of the case, unless and until the corporation forms a special litigation committee to regain control from the plaintiff.3
What happens, though, if instead of pleading demand futility, the plaintiff actually makes a litigation demand? This path appears to be traveled less frequently, and appears to be less well understood by practitioners and directors alike. Accordingly, this article highlights the review process undertaken by a committee that is formed to consider a demand. It also highlights the differences between demand review committee practice and special litigation committee practice. Finally, it proposes a modest adjustment to our law that would restore some of the functionality of the demand requirement, which has eroded over time.
II. BACKGROUND OF THE DEMAND REQUIREMENT
The board of directors has the statutory authority to manage “[t]he business and affairs” of a corporation,4 including its legal claims.5 As a corollary, the board also has the fiduciary responsibility to manage the corporation’s legal claims with care and loyalty to the corporation and its stockholders.6
The demand requirement balances the board’s statutory authority and its accountability to the corporation and its stockholders.7 It requires a stockholder who seeks to litigate derivatively on the corporation’s behalf to first demand that the board pursue the claim, unless she can plead particularized facts tending to show that demand would be futile. A derivative action is thus effectively two suits in one, with the question of demand futility at its fulcrum: “First, it is the equivalent of a suit by the shareholders to compel the corporation to sue. Second, it is a suit by the corporation, asserted by the shareholders on its behalf, against those liable to it.”8
Demand is futile if a majority of the board is interested in the underlying claim, lacks independence, or faces a substantial risk of personal liability, including because there is a reasonable doubt about whether the challenged transaction was a valid exercise of business judgment.9 For purposes of considering a litigation demand, a director is interested if she has a material interest in the subject matter of the demand that is not shared by the corporation or its stockholders.10 A director lacks independence if she is beholden to a person or entity that is interested in the subject matter of the demand.11 A director who faces a substantial risk of personal liability in the underlying claims is deemed interested in the outcome of the investigation.12
The demand requirement thus permits a corporation to dismiss a derivative action “if its board is comprised of directors who can impartially consider a demand.”13
III. THE DEMAND REVIEW COMMITTEE
If a stockholder plaintiff makes a litigation demand, the stockholder cedes control of the corporation’s claim to the board of directors.14 The board determines “the best method to inform itself of the facts relating to the alleged wrongdoing and ‘the considerations, both legal and financial, bearing on a response to the demand.’”15 In some circumstances, depending on the substance of the demand, the full board will act on the demand without the need for investigation. But if the demand warrants an investigation, the board often forms an ad hoc “demand review committee” to investigate the subject matter of the demand and make recommendations to the full board about how to respond.
A. COMMITTEE FORMATION, AUTHORIZATION, AND MEMBERSHIP
By making a demand on the board, the would-be stockholder plaintiff concedes that a majority of the board is capable of impartially considering the demand.16 Yet, the disinterestedness and independence of the members of the board remain critical concerns in committee formation, even after a demand has been made:
Simply because the composition of the board provides no basis ex ante for the stockholder to claim with particularity and consistently with Rule 11 that it is reasonable to doubt that a majority of the board is either interested or not independent, it does not necessarily follow ex post that the board in fact acted independently, disinterestedly or with due care in response to the demand. A board or a committee of the board may appear to be independent, but may not always act independently.17
And, although a stockholder plaintiff concedes the independence of a majority of the board by making a demand, the demand typically does not identify a subset of particular board members to whom the demand is directed.18 Consider, for example, a five-member board, two of whom are fiduciaries of the corporation’s controlling stockholder and the other three of whom are outside independent directors. A stockholder plaintiff might demand that the board investigate claims against the controlling stockholder, thus conceding that a majority of the board—three of five—is capable of impartially considering the demand. But if the board chooses to form a three-member committee and includes the two dual fiduciaries, it will not fare well.19 As a result, when considering whether to form a demand review committee, a board should identify a subset of directors whose independence, disinterestedness, and impartiality are as unassailable as possible given the underlying allegations and the composition of the board.20
In addition to vetting board members for their independence and disinterestedness, demand review committee members also must prepare, with the assistance of independent counsel and other advisors as necessary, to do the work required to investigate properly the matters at issue in a demand. This has a practical dimension, in that demand review committee investigations can take many months.21 But it also has a legal element; although the effort expended by the committee should be proportional to the issues at stake in the demand, the vigor with which a demand review committee investigates its subject matter from the outset helps to establish the committee’s independence-in-fact.22
So too does an appropriate committee charter. The charter of a board committee is an important document that delineates the committee’s objective and its authority.23 For a committee process to be successful, the committee’s charter must provide it contextually sufficient authority to fulfill its mandate; a committee that is not given sufficient authority may never overcome that obstacle.24
In its charter, a demand review committee should be given all of the power and resources it needs to conduct a proportionately thorough, independent investigation into the facts and circumstances giving rise to the demand.25 Because a stockholder who made a demand has already conceded that a majority of the full board can impartially consider the demand, the demand review committee need only make recommendations to the full board on how to respond to the demand.26 It need not be granted the full power and authority of the board to act on behalf of the corporation. Doing so may give rise to a “counter-concession” that the non-committee members of the board are incapable of faithfully considering the demand, even upon recommendation from the demand review committee.27
To avoid any implications or inferences that could be drawn by committee membership, the demand review committee charter should identify the members of the committee, the rationale for their inclusion, and the rationale for the exclusion of others.28 A demand review committee charter should also permit the committee to hire its own advisors, paid for by the company, and should grant the committee access to management and company resources as needed.29
B. COMMITTEE INVESTIGATION
Once a demand review committee investigation is successfully launched, with independent and disinterested committee members, independent advisors,30 and all of the resources it needs, it has wide latitude to chart its own course, and should follow wherever the facts lead. “In any investigation, the choice of people to interview or documents to review is one on which reasonable minds may differ. . . . Inevitably, there will be potential witnesses, documents and other leads that the investigator will decide not to pursue.”31 As with a merger,32 in the demand review context “there is obviously no prescribed procedure that a board must follow.”33
But if the committee, advised by its own counsel, makes its own decisions about the scope of its investigation, those decisions are given great weight so long as they are well documented and not grossly negligent. Courts have found investigations adequate when the committee chose to interview as few as two34 and as many as “more than 25”35 witnesses. And, courts have rejected arguments that an investigation was deficient for not interviewing certain witnesses, without particularized facts showing that those witnesses had unique knowledge that could have changed the outcome.36
Despite the leeway they are given, demand review committees should consider engaging with the demanding stockholder during the investigation to address in advance any perceived deficiencies.37 They should give serious consideration to interviewing witnesses specifically identified by the demanding stockholder as being witnesses who would corroborate the underlying claims.38 At a minimum, demand review committees should ensure they do not overlook any of the facts and circumstances specifically referenced in the demand.39
C. COMMITTEE RECOMMENDATIONS AND JUDICIAL REVIEW
Following its investigation, a demand review committee has broad discretion about how to develop and present its recommendation to the full board. The committee can, and should, think like a plaintiff and assess the expected value of the corporation’s litigation assets, taking into account the merits of any claims and defenses, damages, and the collectability of any judgment.
It may also make non-litigation recommendations, “including the advisability of implementing internal corrective action.”40 This remedial flexibility is part of the flexibility of the demand requirement and committee process. Even assuming that a stockholder plaintiff’s lawyer has the corporation’s best interests in mind, she has available only the blunt instrument of litigation. Directors may pursue less costly, more effective remedies, such as changing corporate policies and practices, making personnel decisions, and revising corporate documents.
The committee’s recommendation should be followed by the board, absent highly unusual circumstances. A board that does not follow the recommendation of a demand review committee acts at its own peril.41
Whatever its decision, the board should then communicate its decision to the stockholder plaintiff, along with the bases for its decision.42 If the plaintiff seeks books and records pursuant to section 220 of the Delaware General Corporation Law43 in support of a claim that the demand was wrongfully refused, the defendants should expect to produce (1) minutes of any meeting of the board or demand review committee where the demand was discussed; (2) reports and presentations by the demand review committee in support of its recommendation; and (3) other materials that formed the basis for the committee’s recommendation.44 As a result, the committee and its advisors should proceed with its investigation and recommendation on the assumption that at least those basic materials will be discoverable.
The plaintiff pleading wrongful refusal faces a high burden. To survive a motion to dismiss, a plaintiff must plead “particularized facts . . . supporting an inference that the committee, despite being comprised solely of independent directors, breached its duty of loyalty, or breached its duty of care, in the sense of having committed gross negligence.”45 In addition to disputing the substance of the committee’s investigative determinations regarding the merits, the plaintiff must also contend with the board’s business judgments about the cost and distraction of litigation and the effects litigation could have on the company’s business and operations.46
Not surprisingly, it appears that the plaintiffs in only two published Delaware decisions have survived motions to dismiss, and both involved egregious and unusual fact patterns.47 In Thorpe, a committee investigated the matters at issue in the demand and made recommendations to the board. But the board took no action in response to the demand and did not disclose the substance of the committee’s recommendations. The members of the committee promptly resigned.48 And in Seaford Funding Limited Partnership v. M&M Associates II, L.P., the interested general partner of a limited partnership took no action in response to a demand that it investigate claims relating to a debt owed to the partnership by another affiliate of the general partner.49
D. DEMAND REVIEW COMMITTEE PRACTICE COMPARED WITH SPECIAL LITIGATION COMMITTEE PRACTICE
As highlighted above, there are many surface-level similarities between the way that a demand review committee functions and that of a special litigation committee formed under Zapata50 and its progeny. There are important differences, however, between the structure and function of those two kinds of committees, most owing to their origin and the corporate power dynamics at stake.51
As its name implies, a demand review committee is formed in response to a stockholder demand. And, as discussed above, a stockholder who makes a demand has effectively conceded that demand is not excused.52 In the parlance of the dual-natured derivative suit, a stockholder who makes a demand has conceded phase one—the “suit by the shareholders to compel the corporation to sue.”53 The stockholder thus lacks the power to assert the corporation’s claim, and demands that the board do so instead.
A special litigation committee, by contrast, typically comes into existence only after a stockholder has established demand futility, whether by judicial decision or by the defendants’ concession. Accordingly, a special litigation committee operates to wrest control of the litigation away from a stockholder plaintiff who had assumed “the legal managerial power to maintain a derivative action to enforce the corporation’s claim.”54 The statutory power to do so is retained by the board under sections 141(a) and 141(c) of the Delaware General Corporation Law, notwithstanding that the board is “tainted by the self-interest of a majority of its members.”55 The power vests, however, only in a special litigation committee whose members are independent and disinterested, and which conducts a reasonable investigation in good faith.56
As a result, the independence and disinterestedness inquiries that are important for a demand review committee are vital to a special litigation committee. The independence and disinterestedness of the members of a special litigation committee are the committee’s font of corporate power. And because the board’s power is vested in the special litigation committee, its charter should reflect that power, and should authorize the committee to ultimately decide, on the corporation’s behalf, how to proceed with respect to the claims without interference from other board members. It should not merely make a recommendation.57
The skepticism about the potential structural bias in the special litigation committee context also recommends a higher standard of judicial review than the business judgment rule deference that is given to a demand review committee process and recommendation.58 The Zapata court was “mindful” that in the special litigation committee context, “directors are passing judgment on fellow directors in the same corporation,” which raises the potential for “perhaps subconscious abuse.”59 As a result, the court crafted a two-step standard of judicial review. A special litigation committee seeking to terminate derivative litigation must establish (1) the independence, good faith, and reasonableness of its investigation; and also (2) that the termination or course of action is in the corporation’s best interests, in the business judgment of the Court of Chancery.60 This standard is far more rigorous than the business judgment rule standard applicable to demand review committees. It has also been shown empirically to deter special litigation committees from being used as a tool for dismissing meritorious cases.61
IV. THE DEMAND REQUIREMENT’S INTERNAL DISPUTE RESOLUTION PROBLEM AND THE AIG SOLUTION
An aggrieved stockholder who believes that the corporation is sitting on a valuable claim faces a stark choice between making a demand and attempting to plead demand futility. In theory, the interests of a stockholder plaintiff and those of a disinterested, independent board majority should merge. Both should be seeking to maximize the same long-term interests of the corporation, with the directors best suited to deploy the corporation’s assets, including its legal claims, to achieve those goals. Accordingly, in the ideal world of stockholder litigation, a stockholder should be confident of a good outcome for the corporation when she entrusts independent directors with a valuable corporate asset by making a demand, even at the cost of conceding demand futility.
But in practice, much of stockholder litigation is lawyer-driven.62 And in many cases, from the perspective of a plaintiff’s lawyer seeking control of a lucrative fee opportunity, making a demand is less appealing than taking a shot at pleading demand futility. The aggregate result is that the demand requirement is underused and falls short of its promise as a tool for promoting internal dispute resolution.63
In Starr International Co. v. United States,64 a recent case that arose from the U.S. government bailout of AIG during the 2008 financial crisis, the AIG board crafted an innovative demand procedure that, if deployed in an appropriate case, could help fulfill the internal dispute resolution function of the demand requirement.65 The plaintiff, Starr International Company, asserted derivative claims on AIG’s behalf against the federal government, challenging transactions by which the government extended up to $85 billion of credit to AIG to stave off a liquidity crisis.66 Starr alleged in its complaint that demand on AIG’s board would be futile, but “Starr and AIG entered into an agreement in which Starr agreed to make a demand on the AIG Board with respect to all derivative claims.”67 Critically, notwithstanding the default rule that under Delaware law a stockholder who makes a demand concedes that demand is not excused as futile,68 the agreement permitted Starr to reserve the right, if its demand was refused, to “challeng[e] the Board’s decision to refuse the demand by filing amended complaints alleging that the demand was wrongfully refused and/or not required as a matter of law.”69
Under this agreement, Starr made its demand, and the parties presented the AIG board with three rounds of adversarial briefing and in-person presentations.70 The board asked pointed questions of counsel for the parties, consulted with its own counsel, and ultimately decided unanimously to reject the demand.71
As the agreement allowed, Starr amended its complaint to advance demand futility and wrongful refusal arguments.72 Citing Grimes and Spiegel, the Court of Federal Claims surprisingly rejected Starr’s demand futility argument, reasoning that Starr’s demand “conclusively waive[d] any right to assert demand futility.”73 The court further held that “Starr’s September 5, 2012 agreement with AIG, in which Starr purportedly reserved ‘the right to assert that demand was . . . excused,’ is insufficient to overcome binding black letter law.”74
As a matter of corporate power, the black-letter law cited in Starr that a stockholder concedes any arguments about demand futility by making a demand traces back through Grimes and Spiegel to the Delaware Supreme Court’s decision in Stotland v. GAF Corp.75 In Stotland, the plaintiffs tried and failed to establish demand futility, and their derivative action was dismissed.76 They appealed.77 With that appeal pending, one of the plaintiffs made a demand, and the board referred the demand to a demand review committee.78 Citing Zapata,79 the Stotland court reasoned “that once a demand has been made, absent a wrongful refusal, the stockholders’ ability to initiate a derivative suit is terminated.”80
But Zapata itself does not answer the timing question. It holds merely that “[a] demand, when required and refused (if not wrongful), terminates a stockholder’s legal ability to initiate a derivative action. But where demand is properly excused, the stockholder does possess the ability to initiate the action on his corporation’s behalf.”81 Zapata does not hold that a plaintiff, as in Starr, lacks corporate power to make a demand, provisionally, before it is determined whether demand was, in fact, required or not. Thus, it is questionable whether demand futility in this context should be deemed conclusive, rather than treated as a default rule in the absence of an agreement between the complaining stockholder and the corporation.
It is hard to see the case to be made against private ordering by sophisticated parties to permit a conditional demand. As the landscape currently exists in Delaware, a stockholder gets two bites at the apple if she litigates futility first, then makes a demand as a fallback. If the same stockholder makes a demand first, however, then the futility door is closed.82 This is backwards, if the demand requirement is expected to fulfill an out-of-court dispute resolution function.
In weak cases, defense lawyers would likely adopt the same posture they do in the current regime, which is to wait for a stockholder to act and respond accordingly, with either a Rule 23.1/12(b)(6) dismissal motion or a demand refusal. But in stronger cases, a stockholder could make a provisional demand and her attorneys could participate in the dispute resolution process. The parties could follow in the footsteps of the AIG board and make a faithful demand decision, informed by a deep, adversarial process involving a stockholder plaintiff’s counsel. This would allow the demand requirement to once again fulfill its oft-repeated promise of serving as an internal dispute resolution mechanism, and would lead to more informed demand decisions.
V. CONCLUSION
The demand requirement, and the demand review committee process that often follows a demand, are vital cogs in the corporate governance machinery. But they are underused, in part because of the harsh consequences of a stockholder making a demand. If the law allowed for a conditional demand, as we believe it should, the demand requirement could serve an internal dispute resolution function that is often discussed, but rarely put into practice.
In our view, Delaware law does and should allow for a conditional demand. But it does not do so expressly, and making that position more clear to stockholders and their counsel would be a welcome addition to our law. The change could be implemented on a legislative level, by amendment to the Delaware General Corporation Law. But the derivative suit mechanism and the demand requirements are judge-made creatures of equity,83 making a legislative pronouncement seem unnecessary and perhaps out of place. In our view, a judicial decision in an appropriate case by the Delaware Court of Chancery or Delaware Supreme Court could address the matter, but the wait for an appropriate case might be interminable, as a stockholder plaintiffs’ lawyer aware of the Starr decision might rightly be reluctant to follow a similar path. Perhaps the most appropriate solution, therefore, would be an addition to Court of Chancery Rule 23.1,84 which codifies and implements the demand requirement.
Regardless of the form, we believe that Delaware law currently supports the making of a provisional demand with agreement by the parties, and that stockholders, corporations, and their counsel would benefit if that were clearly expressed.
5. E.g., Grimes v. Donald, 673 A.2d 1207, 1215 (Del. 1996) (“If a claim belongs to the corporation, it is the corporation, acting through its board of directors, which must make the decision whether or not to assert the claim.”); In re Ezcorp Inc. Consulting Agreement Derivative Litig., 130 A.3d 934, 943 (Del. Ch. 2016) (“But when a corporation suffers harm, the board of directors is the institutional actor legally empowered under Delaware law to determine what, if any, remedial action the corporation should take, including pursuing litigation against the individuals involved.”); McPadden v. Sidhu, 964 A.2d 1262, 1269 (Del. Ch. 2008) (“A derivative action ‘fetters managerial prerogative’ because it is the directors, not stockholders, who manage the business and affairs of a corporation, which includes determining whether to assert legal claims on behalf of the corporation.” (quoting Caruana v. Saligman, C.A. No. 11135, 1990 WL 212304, at *3 (Del. Ch. Dec. 21, 1990))).
6. Aronson v. Lewis, 473 A.2d 805, 811 (Del. 1984); see also Quadrant Structured Prods. Co. v. Vertin, 115 A.3d 535, 548 (Del. Ch. 2015).
7. Cochran v. Stifel Fin. Corp., C.A. No. 17350, 2000 WL 286722, at *10 n.41 (Del. Ch. Mar. 8, 2000) (“As a historical matter, . . . it appears that the derivative suit was a common law development designed to ensure basic fairness and that the demand requirement was judicially created to guarantee that the statutory power of directors to manage the legal affairs of the company was not disregarded except when necessary to serve the policy purpose justifying the recognition of the derivative suit in the first instance.”), aff’d in part & rev’d in part on other grounds, 809 A.2d 555 (Del. 2002).
8. Aronson, 473 A.2d at 811; see also Ezcorp, 130 A.3d at 943–44.
9. See generally Rales v. Blasband, 634 A.2d 927, 933–34 (Del. 1993) (where the board did not make a business decision that is the subject of the underlying litigation, the demand futility test requires the court “to examine whether the board that would be addressing the demand can impartially consider its merits without being influenced by improper considerations”); Aronson, 473 A.2d at 814 (“[I]n determining demand futility the Court of Chancery in the proper exercise of its discretion must decide whether, under the particularized facts alleged, a reasonable doubt is created that: (1) the directors are disinterested and independent and (2) the challenged transaction was otherwise the product of a valid exercise of business judgment.”).
13. In re Oracle Corp. Derivative Litig., 824 A.2d 917, 939 (Del. Ch. 2003).
14. Spiegel v. Buntrock, 571 A.2d 767, 775 (Del. 1990).
15. Belendiuk v. Carrion, C.A. No. 9026-ML, 2014 WL 3589500, at *5 (Del. Ch. July 22, 2014) (quoting Rales, 634 A.2d at 935).
16. Scattered Corp. v. Chi. Stock Exch., Inc., 701 A.2d 70, 74 (Del. 1997) (“If the stockholders make a demand, as in this case, they are deemed to have waived any claim they might otherwise have had that the board cannot independently act on the demand.”); Grimes, 673 A.2d at 1215; Spiegel, 571 A.2d at 775 (“By making a demand, a stockholder tacitly acknowledges the absence of facts to support a finding of futility. Thus, when a demand is made, the question of whether demand was excused is moot.” (citations omitted)). This concession is limited to the issue of demand futility—phase one of the two-part derivative action. Grimes, 673 A.2d at 1218–19 (“If a demand is made, the stockholder has spent one—but only one—‘arrow’ in the ‘quiver.’ The spent ‘arrow’ is the right to claim that demand is excused.”); see also Scattered, 701 A.2d at 74–75 (“It is not correct that a demand concedes independence ‘conclusively’ and in futuro for all purposes relevant to the demand.”).
18. See Elena C. Norman & Richard J. Thomas, Special Demand Committees: Practical Insights for the General Counsel, 32 DEL. LAW. 14, 16 (2014).
19. Thorpe v. CERBCO, Inc., 611 A.2d 5, 10 n.5 (Del. Ch. 1991) (“[W]hile the board may have been able to act independently through a fully empowered special committee of independent directors (thus justifying a stockholder in making demand), the board in fact chose not to do so, thus justifying treating the board as not independent.”).
20. Although the legal standards for independence and disinterestedness are the same, the stakes are arguably higher in the context of a special litigation committee than for a demand review committee. See infra Part III.D; see also Beam v. Stewart, 845 A.2d 1040, 1055 (Del. 2004) (“Unlike the demand-excusal context, where the board is presumed to be independent, the SLC has the burden of establishing its own independence by a yardstick that must be ‘like Caesar’s wife’—‘above reproach.’” (quoting Lewis v. Fuqua, 502 A.2d 962, 967 (Del. Ch. 1985))).
21. See, e.g., Ironworkers Dist. Council of Phila. & Vicinity Ret. & Pension Plan v. Andreotti, C.A. No. 9714-VCG, 2015 WL 2270673, at *26 (Del. Ch. May 8, 2015) (“The Committee . . . over nine months vigorously investigated the circumstances alleged in the Stockholder Demands, including interviewing 23 witnesses, reviewing hundreds of documents, reviewing 25 days of deposition testimony and the entirety of the Monsanto Litigation transcript, and conducting additional research. At the end of this process, the Committee produced the 179–page Report, exclusive of exhibits . . . .”), aff’d, 132 A.3d 748 (Del. 2016).
23. See generally GREGORY V. VARALLO ET AL., SPECIAL COMMITTEES: LAW AND PRACTICE 40–53 (2d ed. 2014).
24. See, e.g., Ams. Mining Corp. v. Theriault, 51 A.3d 1213, 1221–22 (Del. 2012) (“The resolution creating the Special Committee provided that the ‘duty and sole purpose’ of the Special Committee was ‘to evaluate the [Merger] in such manner as the Special Committee deems to be desirable and in the best interests of the stockholders of [Southern Peru],’ and authorized the Special Committee to retain legal and financial advisors at Southern Peru’s expense on such terms as the Special Committee deemed appropriate. The resolution did not give the Special Committee express power to negotiate, nor did it authorize the Special Committee to explore other strategic alternatives.”); see also In re CNX Gas Corp. S’holders Litig., 4 A.3d 397, 404 (Del. Ch. 2010) (“The scope of the authority that the CNX Gas board provided to the Special Committee was limited. The Special Committee was authorized only to review and evaluate the Tender Offer, to prepare a Schedule 14D-9, and to engage legal and financial advisors for those purposes. The resolution did not authorize the Special Committee to negotiate the terms of the Tender Offer or to consider alternatives.”).
25. For efficiency’s sake, the demand review committee charter should be broad enough to encompass future demands regarding the same subject matter. See Kops v. Hassell, C.A. No. 11982-VCG, 2016 WL 7011569, at *4–5 (Del. Ch. Nov. 30, 2016) (rejecting argument that demand review committee relied on previous demand investigation of similar subject matter); Andreotti, 2015 WL 2270673, at *2 (discussing committee’s investigation of demands made by “several stockholders”).
26. FLI Deep Marine LLC v. McKim, C.A. No. 4138-VCN, 2009 WL 1204363, at *2 (Del. Ch. Apr. 21, 2009) (“[I]n response to the Plaintiffs’ demand letter, the Board formed a special committee to investigate the allegations asserted in the demand letter and to make a recommendation to the Board . . . .”).
27. Cf. Sutherland v. Sutherland, C.A. No. 2399-VCN, 2010 WL 1838968, at *6 (Del. Ch. May 3, 2010) (concluding that by appointing a special litigation committee to investigate claims, defendants conceded that non-committee directors were interested or lacked independence).
30. To state what should be obvious, the committee’s counsel should not be the same firm who represented the would-be defendants in the underlying claims. See Taneja v. Familymeds Grp., Inc., C.A. No. HHD-CV-09-4045755-S, 2012 WL 3934279, at *5 (Conn. Super. Ct. Aug. 21, 2012).
31. Mount Moriah Cemetery ex rel. Dun & Bradstreet Corp. v. Moritz, C.A. No. 11431, 1991 WL 50149, at *4 (Del. Ch. Apr. 4, 1991), aff’d, 599 A.2d 413 (Del. 1991); see also Halpert Enters., Inc. v. Harrison, C.A. No. 07-1144, 2008 WL 4585466, at *2 (2d Cir. Oct. 15, 2008) (applying Delaware law) (“[T]here is no rule of general application that a board must interview every possible witness who may shed some light on the conduct forming the basis of the litigation.”).
32. Barkan v. Amsted Indus., Inc., 567 A.2d 1279, 1286 (Del. 1989) (“Nevertheless, there is no single blueprint that a board must follow to fulfill its duties. A stereotypical approach to the sale and acquisition of corporate control is not to be expected in the face of the evolving techniques and financing devices employed in today’s corporate environment.”).
33. Levine v. Smith, 591 A.2d 194, 214 (Del. 1991).
34. Gatz v. Ponsoldt, C.A. No. 174-N, 2004 WL 3029868, at *5 (Del. Ch. Nov. 5, 2004).
35. Scattered Corp. v. Chi. Stock Exch., Inc., C.A. No. 14010, 1996 WL 417507, at *5 (Del. Ch. July 12, 1996), aff’d, 701 A.2d 70 (Del. 1997).
36. Ironworkers Dist. Council of Phila. & Vicinity Ret. & Pension Plan v. Andreotti, C.A. No. 9714-VCG, 2015 WL 2270673, at *26 n.255 (Del. Ch. May 8, 2015).
37. See Mount Moriah Cemetery ex rel. Dun & Bradstreet Corp. v. Moritz, C.A. No. 11431, 1991 WL 50149, at *4 (Del. Ch. Apr. 4, 1991) (“During that time, plaintiff was asked to identify potential witnesses and there was a fairly regular exchange of correspondence as well as several meetings between counsel for plaintiff and counsel for the Special Committee.”), aff’d, 599 A.2d 413 (Del. 1991).
39. Espinoza ex rel. JPMorgan Chase & Co. v. Dimon, 124 A.3d 33, 37 (Del. 2015) (A committee recommendation could be set aside if a reviewing court found that the committee “ignored a material aspect of the demand letter,” depending on “the contextual importance of that issue in the overall scope of what the committee was charged with investigating.”).
41. Thorpe v. CERBCO, Inc., 611 A.2d 5, 11 (Del. Ch. 1991) (“But in some cases . . . the reasonableness and good faith of the investigation relates to an entity (a special committee) that is not the decision maker. Thus, in such a case, its good faith and prudence may not alone justify deference to someone else’s decision.”).
42. City of Orlando Police Pension Fund v. Page, 970 F. Supp. 2d 1022, 1030–31 (N.D. Cal. 2013) (denying motion to dismiss in part because defendants refused to make review committee’s report public and relied exclusively on “conclusory” demand refusal letter).
44. La. Mun. Police Emps. Ret. Sys. v. Morgan Stanley & Co., C.A. No. 5682-VCL, 2011 WL 773316, at *8 (Del. Ch. Mar. 4, 2011).
45. Espinoza ex rel. JPMorgan Chase & Co. v. Dimon, 124 A.3d 33, 36 (Del. 2015); see also Grimes v. Donald, 673 A.2d 1207, 1219 (Del. 1996) (“If a demand is made and rejected, the board rejecting the demand is entitled to the presumption of the business judgment rule unless the stockholder can allege facts with particularity creating a reasonable doubt that the board is entitled to the benefit of the presumption.”).
46. Andersen v. Mattel, Inc., C.A. No. 11816-VCMR, 2017 WL 218913, at *7 (Del. Ch. Jan. 19, 2017).
47. Belendiuk v. Carrion, C.A. No. 9026-ML, 2014 WL 3589500, at *7 (Del. Ch. July 22, 2014) (discussing cases).
50. Zapata Corp. v. Maldonado, 430 A.2d 779 (Del. 1981).
51. See Grimes v. Donald, 673 A.2d 1207, 1216 n.13 (Del. 1996) (“The use of a committee of the board formed to respond to a demand or to advise the board on its duty in responding to a demand is not the same as the [special litigation committee] process . . . . It is important that these discrete and quite different processes not be confused.”).
52. Scattered Corp. v. Chi. Stock Exch., Inc., 701 A.2d 70, 74 (Del. 1997) (“If the stockholders make a demand, as in this case, they are deemed to have waived any claim they might otherwise have had that the board cannot independently act on the demand.”); Grimes, 673 A.2d at 1218–19 (“If a demand is made, the stockholder has spent one—but only one—‘arrow’ in the ‘quiver.’ The spent ‘arrow’ is the right to claim that demand is excused.”); Spiegel v. Buntrock, 571 A.2d 767, 775 (Del. 1990) (“By making a demand, a stockholder tacitly acknowledges the absence of facts to support a finding of futility. Thus, when a demand is made, the question of whether demand was excused is moot.” (citations omitted)). This concession is limited to the issue of demand futility—phase one of the two-part derivative action.
53. Aronson v. Lewis, 473 A.2d 805, 811 (Del. 1984).
54. Levine v. Smith, C.A. No. 8833, 1987 WL 28885, at *2 (Del. Ch. Dec. 22, 1987).
55. Zapata, 430 A.2d at 786 (citing DEL. CODE ANN. tit. 8, § 141(a), (c)).
57. See VARALLO ET AL., supra note 23, at 70 (“We recommend that an SLC delegation include a specific statement that the determinations made by the SLC shall be final and binding upon the corporation and shall not be subject to review by the board. Such language is a clear statement of the exclusive authority of the committee with respect to the pending litigation.”).
62. Laborers’ Dist. Council Constr. Indus. Pension Fund v. Bensoussan, C.A. No. 11293-CB, 2016 WL 3407708, at *11 (Del. Ch. June 14, 2016) (“Each of these contentions is, unfortunately, reflective of undesirable practices that pervade representative litigation as lawyers for stockholders jockey for control of a case in an effort to secure a payday for themselves, assuming they ultimately can confer a benefit upon the stockholders or the corporation.”).
63. Grimes v. Donald, 673 A.2d 1207, 1216 (Del. 1996) (“The demand requirement serves a salutary purpose. First, by requiring exhaustion of intracorporate remedies, the demand requirement invokes a species of alternative dispute resolution procedure which might avoid litigation altogether.”); Aronson v. Lewis, 473 A.2d 805, 812 (Del. 1984) (“Thus, by promoting this form of alternate dispute resolution, rather than immediate recourse to litigation, the demand requirement is a recognition of the fundamental precept that directors manage the business and affairs of corporations.”).
68. Scattered Corp. v. Chi. Stock Exch., Inc., 701 A.2d 70, 74 (Del. 1997) (“If the stockholders make a demand, as in this case, they are deemed to have waived any claim they might otherwise have had that the board cannot independently act on the demand.”); Grimes, 673 A.2d at 1218–19 (“If a demand is made, the stockholder has spent one—but only one—‘arrow’ in the ‘quiver.’ The spent ‘arrow’ is the right to claim that demand is excused.”); Spiegel v. Buntrock, 571 A.2d 767, 775 (Del. 1990) (“By making a demand, a stockholder tacitly acknowledges the absence of facts to support a finding of futility. Thus, when a demand is made, the question of whether demand was excused is moot.” (citations omitted)). This concession is limited to the issue of demand futility—phase one of the two-part derivative action.
82. Thorpe v. CERBCO, Inc., 611 A.2d 5, 11 (Del. Ch. 1991) (“Thus, the current rule may be thought to exact a heavy price from shareholders who elect to try (in a context when they will not have much information) to employ internal corporate mechanisms before filing a claim on behalf of the corporation.”).
83. Cochran v. Stifel Fin. Corp., C.A. No. 17350, 2000 WL 286722, at *10 n.41 (Del. Ch. Mar. 8, 2000), aff’d in part, rev’d in part, 809 A.2d 555 (Del. 2002) (“As a historical matter, . . . it appears that the derivative suit was a common law development designed to ensure basic fairness and that the demand requirement was judicially created to guarantee that the statutory power of directors to manage the legal affairs of the company was not disregarded except when necessary to serve the policy purpose justifying the recognition of the derivative suit in the first instance.”); see also Kamen v. Kemper Fin. Servs., Inc., 500 U.S. 90, 95 (1991) (“Devised as a suit in equity, the purpose of the derivative action was to place in the hands of the individual shareholder a means to protect the interests of the corporation from the misfeasance and malfeasance of ‘faithless directors and managers.’” (quoting Cohen v. Beneficial Indus. Loan Corp., 337 U.S. 541, 548 (1949))).
Businesses face more than reputational risk when the personally identifiable information (“PII”) of their customers is stolen during a data breach. Many data breaches have spawned multi-plaintiff or class action lawsuits by customers whose PII was accessed by unauthorized third parties as a result of the breach. But, until recently, businesses faced modest litigation risk in these cases because most courts held that litigants lacked standing to sue in federal court, reasoning that plaintiffs had yet to suffer an injury absent allegations that the exposure of their PII resulted in identity theft or unauthorized and unreimbursed charges to their financial accounts. This survey discusses new developments in the law of standing in data breach cases, as well as decisions about the viability of legal claims. Currently, the law is sharply divided, and it is likely to remain so for the foreseeable future.
ARTICLE III STANDING FOR DATA BREACH CASES
BACKGROUND
The recent evolution in case law concerning the standing of plaintiffs in data breach litigation is the outgrowth of two U.S. Supreme Court decisions that established the framework for analyzing Article III’s “injury-in-fact” requirement. In Clapper v. Amnesty International USA,1 the Supreme Court held that the plaintiffs’ fear that their private communications might be intercepted by government surveillance programs was not an injury in fact because any “threatened injury must be certainly impending to constitute injury in fact,” and “allegations of possible future injury are not sufficient.”2 The plaintiffs’ injury was “too speculative” because its occurrence “relie[d] on a highly attenuated chain of possibilities” that “the Government [would] imminently target communications to which [they were] parties.”3 Nor were “measures that they have undertaken to avoid . . . surveillance” an injury; “otherwise, an enterprising plaintiff would be able to secure a lower standard for Article III standing simply by making an expenditure based on a nonparanoid fear.”4 Yet, the Clapper Court cautioned that its cases have “not uniformly require[d] plaintiffs to demonstrate that it is literally certain that the harms they identify will come about,” provided there is “a ‘substantial risk’ that the harm will occur, which may prompt plaintiffs to reasonably incur costs to mitigate or avoid that harm.”5
In Spokeo, Inc. v. Robins,6 the Court reiterated that the injury-in-fact requirement “does not mean [] that the risk of real harm cannot satisfy that requirement.”7 The Spokeo Court held that an alleged Fair Credit Reporting Act (“FCRA”) violation did not, ipso facto, confer standing because “a bare procedural violation, divorced from any concrete harm,” does not “satisfy the injury-in-fact requirement of Article III.”8 It explained that “[i]n determining whether an intangible harm constitutes injury in fact,” two considerations were important: “whether an alleged intangible harm has a close relationship to a harm that has traditionally been regarded as providing a basis for a lawsuit in English or American courts”; and “because Congress is well positioned to identify intangible harms that meet minimum Article III requirements, its judgment is also instructive and important.”9 The Spokeo Court remanded the case to the Ninth Circuit to determine “whether the particular procedural violations alleged in this case entail a degree of risk sufficient to meet the concreteness requirement.”10
RECENT DEVELOPMENTS
In most data breach cases, the alleged injury resulting from the unauthorized access of PII is the increased risk of identity theft and concomitant expenses associated with mitigating that risk. The courts have reached differing conclusions depending on whether actual identity theft has occurred and whether such an occurrence is found to be a prerequisite for standing.
In Lewert v. P.F. Chang’s China Bistro, Inc.,11 for example, the Seventh Circuit held that theft of debit and credit card information conferred standing to sue. One plaintiff incurred four fraudulent transactions on his debit card, and thereafter purchased credit monitoring services, and while the other plaintiff “did not spot any fraudulent charges on his card, nor did he cancel his card and suffer the associated inconvenient or costs,” he alleged that he “spent time and effort monitoring his card statements and his credit report.”12 The court held that the injuries alleged were sufficient. First, “the increased risk of fraudulent charges and identity theft” was “concrete enough to support a lawsuit” “because [plaintiffs’] data has already been stolen.”13 Second, the plaintiffs alleged “time and effort” resolving fraudulent charges and other “measures to mitigate [their] risk.”14 P.F. Chang’s argued that the data breach “posed a risk only of fraudulent charges to affected cards, not of identity theft,” but the court refused to dismiss the case for lack of standing based on “a factual assumption that has yet to be tested.”15
In contrast, a Colorado federal court dismissed a case for this very reason in Engl v. National Grocers by Vitamin Cottage, Inc.16 Because the “card issuer identified the fraudulent activity on his account and unilaterally exonerated [plaintiff] of responsibility for the fraudulent charges” and then “closed the account associated with the stolen card number,” the Engl court concluded that he “brought [his] exposure to any future harm from the [] data breach to an end.”17
In Welborn v. Internal Revenue Service,18 a District of Columbia district court held that the plaintiffs alleged an injury in fact arising from a data breach of an online tool used by the Internal Revenue Service (“IRS”) to provide prior-year tax returns to taxpayers because two plaintiffs “allege[d] that they have suffered actual identity theft when someone filed false tax returns (and claimed fraudulent refunds) in their names,” and the third plaintiff “has been the victim of at least two occasions of fraudulent activity in her financial accounts, one of which resulted in the removal of funds from a personal financial account, which occurred after the IRS data breach.”19 But the plaintiffs’ allegation “that they suffer an increased threat of future identity theft and fraud” was “entirely speculative and depends on the decisions and actions of one or more independent, and unidentified, actor(s),” and the risk of such harm occurring was not “imminent harm that is ‘certainly impending.’”20 Other injuries the court found too speculative were “general anxiety,” the “diminished value of their PII,” and “time and money spent monitoring and assessing the potential risk of future harm.”21
While each plaintiff in Welborn alleged an injury, the court observed that the second element of standing, causation, required plaintiffs to “put forward facts showing that their injuries can be traced to the specific data incident of which they complain and not to any previous theft or data loss incident.”22 One plaintiff did not allege that his injury was “fairly traceable” to the IRS’s conduct because he “simply allege[d] that the alleged financial fraud happened after the [] breach.”23 The court found that the other two plaintiffs alleged a sufficient causal connection to their injuries because they “alleged sufficient facts that, if proved, would tend to show that the information used in the fraudulent tax return was of the same type that was stolen.”24
The Third Circuit held in In re Horizon Services Inc. Data Breach Litigation25 that the plaintiffs, whose PII was contained on stolen laptops, sufficiently alleged an injury in fact even though “none of them had [ ] alleged that the information was actually used to their detriment.”26 The plaintiffs alleged injury based on both an “increased risk of harm from identity theft, identity fraud, and medical fraud” and “the violation of their statutory rights under FCRA.”27 Rather than decide whether the plaintiffs had alleged a non-speculative risk of future injury as required by Clapper, the court “conclude[d] that they have standing due to Horizon’s alleged violation of FCRA.”28 The Horizon Services court reasoned that, while the court’s “pronouncements in this area have not been entirely consistent,” “in some circumstances, [ ] the breach of a statute is enough to cause a cognizable injury—even without economic or other tangible harm.”29 It held that “[i]n light of the congressional decision to create a remedy for the unauthorized transfer of personal information, a violation of FCRA gives rise to an injury sufficient for Article III standing purposes. Even without evidence that the Plaintiffs’ information was in fact used improperly, the alleged disclosure of their personal information created a de facto injury.”30 While, under Spokeo, “there are some circumstances where the mere technical violation of a procedural requirement of a statute cannot, in and of itself, constitute an injury in fact,” the Third Circuit found that “[p]laintiffs here do not allege a mere technical or procedural violation of FCRA. They allege instead the unauthorized dissemination of their own private information—the very injury that FCRA is intended to prevent.”31
In Beck v. McDonald,32 the Fourth Circuit affirmed the dismissal of the Privacy Act and Administrative Procedure Act claims arising from the theft of laptops containing patient records from a Veterans Affairs hospital.33 The plaintiffs alleged two injuries: “(i) the increased risk of future identity theft, and (ii) the costs of protecting against the same.”34 The Beck court noted that its “sister circuits are divided on whether a plaintiff may establish an Article III injury-in-fact based on an increased risk of future identity theft,”35 but that where courts recognized such injuries, the plaintiffs’ allegations “sufficed to push the threatened injury of future identity theft beyond the speculative to the sufficiently imminent” because in those cases “the data thief intentionally targeted the personal information compromised in the data breaches.”36 The Beck plaintiffs, however, “have uncovered no evidence that the information contained on the stolen laptop has been accessed or misused or that they have suffered identity theft, nor, for that matter, that the thief stole the laptop with the intent to steal their private information.”37 The court also rejected the plaintiffs’ contention that there was a “substantial risk” of harm occurring, even accepting as true plaintiffs’ allegation that “33% of health-related data breaches result in identity theft.”38 Because the risk was speculative, the cost of protecting against future identity theft also did not confer standing as the harm resulting from such efforts was “self-imposed.”39 Notably, the Beck court distinguished Horizon Services, where the Third Circuit found standing even though there was no allegation that plaintiffs’ PII had been accessed, because their injury was “the very injury that FCRA is intended to prevent”;40 whereas in Beck, “[p]laintiffs do not allege that [defendant’s] violations of the Privacy Act alone constitute an Article III injury-in-fact.”41
In Galaria v. Nationwide Mutual Insurance Co.,42 the Sixth Circuit held that the plaintiffs had standing to sue even though none of them pled unauthorized charges or identity theft. The plaintiffs’ allegations amounted to a “substantial risk of harm” because, “[w]here a data breach targets personal information, a reasonable inference can be drawn that the hackers will use the victims’ data for [] fraudulent purposes.”43 This inference was confirmed by the defendant’s actions: “Nationwide seems to recognize the severity of the risk, given its offer to provide credit-monitoring and identity-theft protection for a full year.”44 The Galaria court’s finding that the plaintiffs faced “a substantial risk of harm” meant that they “expend[ed] time and money to monitor their credit, check their bank statements, and modify their financial accounts,” which constituted an injury because “it would be unreasonable to expect Plaintiffs to wait for actual misuse—a fraudulent charge on a credit card, for example—before taking steps to ensure their own personal and financial security, particularly when Nationwide recommended taking these steps.”45
The Galaria court also addressed whether the plaintiffs satisfied Article III’s causation requirement. The majority of the court held that the plaintiffs’ allegations met the “fairly traceable” requirement for standing because plaintiffs alleged that “the hackers were able to access Plaintiffs’ data only because Nationwide allegedly failed to secure the sensitive personal information entrusted to its custody.”46
In Whalen v. Michaels Stores, Inc.,47 the Second Circuit affirmed dismissal of claims for breach of implied contract and under the New York General Business Law based on a data breach at Michaels. The plaintiff alleged that at some point after the data breach, her credit card “was physically presented for payment” on two occasions by an unauthorized third party.48 Just like the plaintiff in Engl, however, the Whalen plaintiff did not allege that she incurred any fraudulent charges that she was liable to pay, because her credit card company removed the charges and deactivated her account.49 The Whalen court concluded that the plaintiff’s alleged injury failed the Clapper test because “she never was either asked to pay, nor did pay, any fraudulent charge.”50 Because her credit card was canceled “and no other personally identifying information—such as her birth date or Social Security number—is alleged to have been stolen,” the court reasoned that the plaintiff “does not allege how she can plausibly face a threat of future fraud.”51 It rejected the plaintiff’s mitigation allegations as conclusory because she “pleaded no specifics about any time or effort that she herself has spent monitoring her credit.”52
While the nature of the breach in Whalen distinguished the case from Galaria, where a broader array of PII was accessed, Whalen is more difficult to reconcile with the Seventh Circuit’s Lewert decision, where the only information obtained by hackers was the plaintiffs’ debit card numbers, and yet the court still held that plaintiffs faced a substantial risk of future injury.
VIABILITY OF DATA BREACH CLAIMS ON THE MERITS
Even if the plaintiffs survive standing challenges in data breach litigation, no federal statute provides a remedy to victims of a data breach, and plaintiffs have been mostly unsuccessful in mooring their claims to other federal statutes, such as the FCRA. Courts have been more receptive to claims under state statutes and the common law, although the outcomes at the pleadings stage vary widely. For instance, in In re Experian Data Breach Litigation,53 a California federal district court granted in part and denied in part Experian’s motion to dismiss claims arising from the theft of PII stored on Experian’s servers. The court dismissed the plaintiffs’ FCRA claims because Experian did not “furnish” a “consumer report” in violation of the FCRA.54 Plaintiffs’ New York, Illinois, Ohio, and California negligence claims survived, however, even as to the one plaintiff who was reimbursed for unauthorized credit card charges. The court held that “[e]ven if, as Defendants argue, a risk of future identity theft isn’t a properly pleaded damage, the complaint also alleges that Plaintiffs have suffered damages by taking measures to both ‘deter’ and ‘detect’ identity theft.”55 These damages included both unreimbursed credit monitoring expenses and hours spent “addressing issues arising from the Data Breach.”56 The court concluded that “[t]he time that Plaintiffs have allegedly spent addressing issues caused by the data breach” stated a claim for damages.57
Some claims against Experian under state consumer protection statutes also survived. The plaintiffs successfully alleged a violation of New York’s deceptive trade practices act on the basis that “Experian . . . misrepresented that it would comply with the requirements of relevant federal and state laws pertaining to the privacy and security of” the plaintiffs’ data.58 The court also held that the plaintiffs stated claims under the “unfair” or “unlawful” prongs of California’s Consumers Legal Remedies Act and Unfair Competition Law.59
In In re Premera Blue Cross Customers Data Security Breach Litigation,60 an Oregon district court held that plaintiffs whose PII was exposed by a data breach of Premera’s computer network could proceed to the merits on their fraud- and contract-based claims. The plaintiffs’ fraud claims under the common law and Oregon consumer protection statutes were based on statements in Premera’s policy booklets, a privacy notice provided to Premera’s members, and the company’s code of conduct posted on its website.61 The Premera court held that guarantees contained in these documents, such as “[w]e protect your privacy by making sure your information stays confidential,” and aspirational statements concerning “prevent[ing] unauthorized access” had “the capacity to deceive if, as Plaintiffs allege, Premera did not provide adequate data security.”62 Because “[a] reasonable person, reading these statements, would believe that Premera provides reasonable and adequate data security,” the court held that plaintiffs alleged an affirmative misrepresentation claim.63
While the Premera court held that the plaintiffs failed to allege any active misrepresentation, their amended pleadings adequately alleged fraud by omission because “Premera should have disclosed that it did not implement industry standard access controls, did not fix known vulnerabilities in its electronic security protocols, failed to protect against reasonably anticipated threats, and otherwise did not comport with its assurances regarding protecting information.”64
The Premera court also held that the plaintiffs’ express contract claims survived, except as to claims based on statements in Premera’s code of conduct, which “are not guarantees but are expressions of corporate optimism” rather than “enforceable promises.”65 The plaintiffs further alleged that these documents contained “implied terms requiring Premera to implement data security adequate to safeguard and protect the confidentiality of their [] [i]nformation.”66 The court held that such a claim was viable under Oregon law, but that Washington law required a finding of “legal necessity” before a term would be implied into a contract, and the court “decline[d] to imply a term into the parties’ contracts that would require adequate data security measures be taken.”67
Finally, as to plaintiffs who were not policyholders of Premera but “whose [PII] came into Premera’s possession without any relationship between the parties,” the court rejected the plaintiffs’ alternative argument, that Premera breached an “implied-in-fact contract[] for the provision of data security.”68 The complaint failed to “allege facts that plausibly suggest that Plaintiffs other than the Policyholder Plaintiffs gave information to Premera,” nor were there sufficient allegations of the elements of a contract with plaintiffs who were Premera policyholders.69 In an earlier opinion dismissing certain allegations, the court held that the plaintiffs adequately alleged unjust enrichment based on payments they made to Premera.70
In Fero v. Excellus Health Plan, Inc.,71 classes of California, Florida, Indiana, North Carolina, New Jersey, New York, and Pennsylvania customers, federal employee enrollees, and medical providers alleged ten causes of action, including common law negligence and contract claims, and violations of state privacy and consumer protection statutes, arising from a data breach that exposed their PII. The plaintiffs alleged that false tax returns were filed in their names, that they were the victims of identity theft, had fraudulent credit or debit card charges, that they spent money to remediate the breach, and that they spent time mitigating their losses or protecting against future identity theft and were at risk of identity theft in the future.72 The Fero court held that plaintiffs who “alleged increased risk of harm, unaccompanied by any concrete misuses of their stolen information,” lacked standing because “none allege any facts indicating that the hackers have misused their personal information since the data breach occurred, or that any other suspicious activity has occurred in the three years since.”73 Rather, “the alleged injuries rely on a chain of possibilities about the actions of independent actors.”74 The court also held that causes of action under state statutes did not confer standing because, under Spokeo, “Article III standing requires a concrete injury even in the context of a statutory violation.”75
The Fero court held that the plaintiffs whose PII had been misused both had standing and stated a claim under certain state common law causes of action and statutes. Plaintiffs’ contract-based claims were premised on Excellus’s privacy policy, which was incorporated by reference into their contracts.76 The court denied Excellus’s motion to dismiss those claims, noting that “the statements from the privacy policies identified by Plaintiffs plausibly could be read to reflect a definite promise by Excellus to maintain the security of the personal information that it collected and stored on its networks.”77 But the court dismissed the federal employee plaintiffs’ third-party beneficiary claim, noting that nothing in the contracts evidenced an intent to confer enforcement rights on the insured plaintiffs.78 The court also dismissed the plaintiffs’ negligent misrepresentation claims, both because the plaintiffs failed to allege reliance, since “Plaintiffs have failed to allege with any particularity that they actually read or saw the notices concerning privacy policies and practices,” and because no facts “suggest that Plaintiffs have a relationship with [Excellus] that is unique or differs from that of a reasonable consumer.”79
Many state statutory claims also survived in Fero. Under the New York prohibition of deceptive acts or practices, the court reasoned that “it is at least plausible that the [defendants’] representations in their privacy policies and on their websites concerning data security (catalogued above) would lead a reasonable consumer to believe that the [defendants] were providing more adequate data security than they purportedly were,” and that “the [defendants] failure to disclose the purportedly inadequate data security measures would mislead a reasonable consumer.”80 The court dismissed the plaintiffs’ California Customer Records Act claims because that law does not apply to a “health care service plan.”81 Finally, the New Jersey Insurance Information Practices Act and the North Carolina Consumer and Customer Information Privacy Act prohibit the “disclosure” of certain PII. But the court distinguished “disclosure” from “theft,” finding that “the structure of both [statutes] support[s] the conclusion that disclosure does not encompass a theft” and, therefore, dismissed these claims.82
In USAA Federal Savings Bank v. PLS Financial Services, Inc.,83 an Illinois district court dismissed state negligence and consumer fraud claims brought by USAA after millions of dollars in counterfeit checks were drawn on the bank’s accounts following a data breach at a check cashing and payday lending company. USAA claimed that PLS breached its duty to USAA “of safeguarding allegedly confidential financial information” of customers.84 The court explained, however, that because “Illinois does not recognize a common law duty to safeguard personal information, USAA cannot establish its claim for negligence against PLS.”85 The court also dismissed USAA’s claim under the Illinois Consumer Fraud Act, refusing to “infer from the allegations of the first amended complaint that the allegedly unfair conduct occurred in Illinois . . . where no allegations suggest that the breach occurred in Illinois or affected Illinois residents.”86
CONCLUSION
The law in data breach cases is unsettled, and over the next year, courts will be forced to grapple with two emerging questions. First, as data breaches become larger and more frequent,87 and plaintiffs’ PII is stolen through multiple, separate data breaches, how plaintiffs have suffered an injury, and whether that injury is fairly traceable to the actions of any specific defendant, is less apparent. Second, existing case law is largely based on the assumption that hackers steal PII for financial gain, even though hackers are increasingly motivated by non-commercial ends, such as activism, blackmail, or espionage.88 Courts may be forced to reevaluate their framework for analyzing standing where identity theft is not the plausible goal of the data breach.
_____________
* Joseph F. Yenouskas is a partner and Levi W. Swank is an associate in the Washington, D.C. office of Goodwin Procter LLP. The statements and views expressed in this survey are solely those of the authors, not those of their firm or its clients; accordingly, none of the views or statements should be attributed to their firm or any of its clients, or construed as a comment on non-public aspects of cases that are discussed herein.
8. Id. at 1549; see also Anna-Katrina S. Christakis, Jeffrey D. Pilgrim & Jennifer L. Majewski, Post-Spokeo: The Impact of Article III Standing on Consumer Finance Litigation, 73 BUS. LAW. 565 (2018) (in this Annual Survey); Matthew O. Stromquist, Anna-Katrina S. Christakis & Jeffrey D. Pilgrim, The High Court Speaks on Standing, Mootness, Arbitration, and Representative Evidence, 72 BUS. LAW. 567, 567–69 (2017) (in the 2017 Annual Survey).
10. Id. at 1550. On remand, the Ninth Circuit found that the “alleged injuries were sufficiently concrete for the purposes of Article III.” Robins v. Spokeo, Inc., 867 F.3d 1108, 1118 (9th Cir. 2017). A cert petition is pending in the Supreme Court. Petition for a Writ of Certiorari, Spokeo, Inc. v. Robins, No. 17-806 (U.S. Dec. 6, 2017).
15. Id. While plaintiffs also alleged that the “cost of their meals” was an injury because “they would not have dined at P.F. Chang’s had they known of its poor data security,” and that “they have a property right to their personally identifiable data,” the court was skeptical that “any of these would be sufficient injury for Article III standing.” Id. at 968.
24. Id. As to these two plaintiffs, the court nonetheless dismissed their claims on the grounds of statutory standing, preemption, and failure to state a claim. Id. at 85.
44. Id. The court explained that “[a]lthough Nationwide offered to provide some of these services for a limited time, Plaintiffs allege that the risk is continuing, and that they have also incurred costs to obtain protections—namely, credit freezes—that Nationwide recommended but did not cover.” Id. at 388–89.
54. Id. at *1 (citing 15 U.S.C. § 1681b). While the term “furnish” is not defined in the statute, the court noted that “courts generally use the term to describe the active transmission of information to a third-party rather than a failure to safeguard the data.” Id. (internal quotation marks omitted).
57. Id. at *5. The court declined to dismiss negligence per se claims based on the Gramm-Leach-Bliley Act and the Interagency Guidelines Establishing Information Security Standards, except as to California plaintiffs because “there is no negligence per se claim in California.” Id. at *8.
63. Id. at *6–7. The court dismissed the fraud-based claims as to one specific policy because that policy only “contains a promise to have a company confidentiality policy and to have employees sign that policy.” Id. at *6.
74. Id. The court also held that “mitigation efforts following a data breach do not confer standing where the alleged harm is not imminent.” Id. at 754. Nor was it sufficient to allege that plaintiffs overpaid for their health insurance in light of Excellus’s allegedly lax data security. Id. And, as every other court to consider the question has held, the court rejected the argument that “the diminution in value of personal information can support standing.” Id. at 755.
77. Id. at 761. The court dismissed plaintiffs’ implied covenant claim “as duplicative of their breach of contract claim because both claims arise from the same facts and seek the same damages for each alleged breach,” id. at 763, but permitted plaintiffs’ unjust enrichment claim to proceed because there was a dispute as to whether “the parties have an enforceable contract with definite and material terms regarding the provision of data security,” which would bar such a remedy. Id. at 770.
82. Id. at 784; see also Hapka v. Carecentrix, Inc., No. 16-2372, 2016 WL 7336407, at *5 (D. Kan. Dec. 19, 2016) (plaintiffs adequately pleaded a negligence claim despite failing to identify a statutory duty because “[g]iven plaintiff’s allegations that the harm was foreseeable, defendant had the duty to exercise reasonable care to prevent that harm”).
83. No. 16-cv-7911, 2017 WL 2345537 (N.D. Ill. May 30, 2017).
For well over a century, the Sherman Antitrust Act has prohibited agreements to allocate productive resources or inputs. An agreement with a competitor to allocate the supply of steel, for instance, would be per se unlawful. So, too, are agreements to allocate customers or territories. Yet agreements between competitors or potential competitors not to “poach” one another’s employees—a potentially scarce resource, particularly for high-level talent in a tight labor market—are surprisingly common.
Since the high-profile case against major Silicon Valley companies—Apple, Google, Intel, and others—condemning such agreements, lawyers have become increasingly aware of the issues surrounding competitor agreements regarding the allocation of labor. See United States v. Adobe Sys., Inc., No. 1:10-cv-01629-RBW (D.D.C. Mar. 18, 2011); In re High-Tech Emp. Antitrust Litig., No. 5:11-cv-02509-LHK (N.D. Cal. Sept. 2, 2015). The Department of Justice and the Federal Trade Commission issued guidance in October 2016 on such agreements, noting that the antitrust laws apply to “competition among firms to hire employees.” Since then, they have pursued actions against companies that have agreed to allocate labor resources, as evidenced by the recent settlement with Knorr-Bremse AG and Westinghouse Air Brake Technologies Corporation, following an agreement not to solicit, recruit, hire, or otherwise compete with one another for employees. The Department of Justice has even recently announced that “naked” agreements not to compete for talent may be pursued criminally. In addition, private suits have been filed, with one alleging recently that McDonalds’ franchisees have agreed to limit competition for employees. See Leinani Deslandes v. McDonald’s USA, LLC et al., No. 1:17-cv-04857 (E.D. Ill June 2018).
Yet little has been written about the boundaries of agreements between competitors or potential competitors when it comes to such talent. Some agreements, of course, are clearly “naked,” per se unlawful agreements. Those are agreements that are not reasonably necessary to support a separate, legitimate business transaction or collaboration, and they would eliminate competition in the same way as agreements to fix prices or to allocate customers. For those agreements that might be something other than a naked agreement to eliminate competition, however, it is not always easy to ascertain the line between that which is permissible and impermissible under the “rule of reason,” a construct in antitrust law where a fact finder would weigh any competitive harm against potential legitimate justifications.
This piece examines the implications under U.S. antitrust laws of transactional agreements that commonly include nonsolicitation provisions.
Merger and Acquisition Transactions
Mergers and other acquisition transactions commonly include nonsolicitation covenants that prohibit the seller’s solicitation of employees of the divested business for some period after the transaction closes. Variants of these types of provisions may include exceptions for solicitations made generally in advertising job openings so long as they do not target the restricted employees specifically, or for hiring an otherwise restricted employee that makes unsolicited first contact with the seller seeking employment. The restrictions may also be broader in their scope, extending to employees of the buyer or its affiliates.
Also ancillary to the “due diligence” process leading up to mergers and acquisitions, parties commonly enter into agreements restricting the use and disclosure of confidential information shared by the parties in connection with those transactions. Those confidentiality agreements typically prohibit the receiving party’s use of confidential information for any purpose other than the narrowly defined purpose of the transaction. Although the restriction on use might generally prevent the receiving party from using confidential information (such as salary data) to its advantage in soliciting the disclosing party’s employees, confidentiality agreements frequently include express employee nonsolicitation provisions that go beyond restrictions on use of confidential information in their scope and specificity.
If these types of nonsolicitation agreements are entered into in connection with a potential merger or acquisition and are reasonably ancillary to the transaction (as opposed to a mere cloak to engage in the allocation of labor inputs or the fixing of employee salaries), they should not qualify as “naked” per se illegal restraints on competition.
Real-world concerns in fact often motivate these restrictions. For instance, a company that opens its plant and access to employees to a competitor evaluating an acquisition might be concerned that the competitor will simply take note of its key employees and, rather than continuing with the acquisition, decide to poach the talent. This is particularly the case with key employees in which the company might have years of training and investment, and where the assets of the company are largely found in human talent and know-how.
The Department of Justice implicitly recognized this in the final judgment of the Adobe Systems Inc. case where it agreed that a no “direct solicitation” agreement is not prohibited if it is “reasonably necessary for mergers or acquisitions, consummated or unconsummated, investments, or divestitures, including due diligence related thereto.” See United States v. Adobe Sys., Inc., No. 1:10-cv-01629-RBW (D.D.C. Mar. 18, 2011), ECF No. 17.
This leaves the question of what is “reasonably necessary” for a transaction and, if such agreements are “reasonably necessary,” whether the agreements would survive scrutiny after determining potential competitive consequences.
For purposes of considering the legitimacy of nonsolicitation agreements in these types of transactions, it is helpful to divide this category into two subcategories of merger or acquisition transactions: those involving a “financial buyer,” such as a private equity sponsor or other acquisition fund, and those involving a “strategic buyer,” such as a competitor of the target company. In the context of a financial buyer, the transaction does not diminish competition for employees in the applicable market—the owner of one employer is merely replaced with the financial buyer, who is unlikely to become an independent competitor for the labor inputs otherwise. Competition for employees, therefore, is unlikely to be diminished in this kind of arrangement. To the extent that the antitrust laws are concerned with competitive effects in a relevant market (here, the market for employees or talent), or foreclosure of inputs to actual or otherwise potential competitors, these types of agreements should not be problematic.
In the strategic buyer context, by contrast, competition for employees may be diminished as two previous employers in the market consolidate into one, which consequently has greater market power. In this context, as in any rule of reason inquiry, lawyers should inquire into the potential effects of any nonsolicitation agreements. This involves examining how consolidated the market might become after the transaction (i.e., how many options the employees might have elsewhere); how broad the nonsolicitation agreements are; and how many employees might be bound by them (i.e., do they apply only to executives or all employees?). The inquiry revolves around foreclosure of potential competition for employees and the tying up of potentially scarce labor inputs. The inquiry is context specific, and the answer to whether such agreements might pose problems in any circumstance depends on balancing the degree of impact on the labor market against the necessity of such agreements to consummate a potentially beneficial transaction for consumers more broadly.
Whether nonsolicitation provisions accompanying merger or acquisition transactions in the due diligence context are reasonably necessary to encourage what might otherwise be a beneficial transaction depends largely on the purpose motivating the nonsolicitation clauses, as well as the foreclosing effects of such agreements.
Employment Agreements and Other Commercial Transactions
Employment agreements often contain restrictive covenants made by the employee, commonly including nonsolicitation clauses. Those nonsolicitation covenants are designed to prevent the employee, who is frequently in a position of leadership over the company’s other employees, from using that relationship as an advantage in poaching other employees. These covenants typically apply during the employee’s employment and for a specified period (often a year or more) after that employment ends. Outside of the context of a customary employment agreement, nonsolicitation covenants are also commonly found in form confidentiality, intellectual property assignment, incentive equity, and similar uniform agreements that even nonexecutive employees are expected to sign as a condition of their employment or incentive equity participation.
Employee nonsolicitation agreements may also appear in supply agreements, distribution agreements, joint development agreements, executive search arrangements, and other service relationships with independent contractors, among others. The common thread in these types of relationships is the familiarity that the parties develop with each other’s employees, whether through information sharing, direct interaction, or otherwise, and each party seeks to prevent that familiarity from enhancing the other’s efforts to hire away that party’s employees. For example, a company may enter into an agreement with a marketing firm to promote the company’s products. The service agreement may contain a covenant of the company not to solicit the marketing firm’s employees to prevent the company from bringing the services in-house with the use of the marketing firm’s former employees. These agreements often apply both during the term of the relationship and for a specified period after the relationship ends.
To the extent that these agreements are widespread, attaching to employees throughout the company, one should determine their breadth, ensuring that they are narrowly tailored to address procompetitive, legitimate concerns and that they do not unreasonably hinder competition or potential competition for employees in a particular industry or market. Imagine, for instance, a situation where a company employs half of all relevant skilled employees in a geographic or product area, and where that company has included form nonsolicitation covenants in every employment or equity grant agreement. If an employee were to leave, either to start a competing venture on his or her own, or to work for an established competitor, that employee’s new venture (especially if the employee starts the venture) might have significantly diminished opportunities to recruit talent and therefore to compete. This would be an example of a situation in which the breadth and prevalence of such agreements might foreclose competition, outweighing any potential justifications.
Nonsolicitation agreements are common across industries through a variety of transactions and otherwise. Although nothing in the law of agreements in restraint of trade has changed, recent events—as well as agency guidance—have highlighted the potential perils of these agreements. As with any agreement between competitors or potential competitors, companies competing (or potentially competing) for labor inputs must take care to ensure that they only enter into agreements that are narrowly tailored to meet a legitimate, procompetitive, business purpose. This requires an analysis of the potentially foreclosing effect of such agreements on employee movement, the breadth and prevalence of such agreements, and whether the agreements are no more restrictive than necessary to meet their legitimate objectives.