While politically and ideologically poles apart, U.S. House of Representatives members Liz Cheney and Adam Schiff, both members of the Select Committee investigating the attack on the Capitol on January 6^th, cited the rule of law as the fundamental basis for their concerns. Representative Cheney expressly said that “our most important obligation” is “to defend the rule of law.” She then rhetorically asked, “Will we adhere to the rule of law?” Representative Schiff stated, “Because if we’re no longer committed to a peaceful transfer of power after our elections if our side doesn’t win, then God help us.”

We read or hear virtually every day that the “rule of law” has once again been broken or threatened. There are many books documenting current and recent threats to democracy, widespread economic inequality, and overt discrimination against large segments of our society. Laurence H. Tribe, Harvard constitutional law professor emeritus, and two other law school professors, both former U.S. Attorneys, recently published an op-ed that concluded, “If Garland’s Justice Department is going to restore respect for the rule of law, no one, not even a former president, can be above it.”

What is the “rule of law”?  All lawyers, even business lawyers, are charged with responsibility for both adhering to it in our professional practice and preserving it for the benefit of humanity and the social, political and economic order of which we are so proud. But what is it? Where did it originate? Why are lawyers in particular supposed to protect it?

This famous and almost revered term of art describes a both realistic and aspirational concept of universally applicable normative behavior for humans in relation to themselves and others, including animals, plants and other elements of creation. These norms, when initially articulated and established,  are prospective, not retroactive; clearly expressed both orally and in writing with unambiguous and coherent terminology; and broadly and commonly accepted as reasonably and objectively interpreted and applied in the situations to which they are intended to apply. They are to be promulgated and enforced by persons and institutions of integrity with widely acknowledged authority to enact and enforce the norms and who themselves are expected and required to comply with them.

King John’s affixing his seal to the Magna Carta in June 1215 is frequently cited as the earliest official act of a divine right sovereign monarch recognizing that he was, after all, subject to restraints on his power. The text reads in significant part:

“No freeman shall be taken, imprisoned, disseised, outlawed, banished, or in any way destroyed, nor will We proceed against or prosecute him, except by the lawful judgement of his peers or by the law of the land. To no one will We sell, to none will We deny or delay, right or justice.”

These ancient words that King John negotiated with his powerful barons expressly forbid the exercise of arbitrary or unaccountable power – and thus the use of violence – coercively to achieve the King’s goals. They further put everyone on notice that the King would not corruptly use the power he retained. These principles plainly are thus embedded in the rule of law.

Our foundational law, the Constitution of the United States, is not the result of a monarch’s recognizing restraints on his powers but is a covenant of a community who, in 1787, stated in the Preamble:

“We the People of the United States, in Order to form a more perfect union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity, do ordain and establish this Constitution for the United States of America.”

It is easy to see the basic principles reflected in the Magna Carta also reflected in the Preamble’s language. Establishing justice, ensuring domestic tranquility, providing for common defense and promoting the general welfare, while securing the blessings of liberty, are norms that are not only in the whole community’s interest, but they also allow individual members of the community to pursue happiness, one of the express goals of the Declaration of Independence. These principles are embedded in the rule of law as we commonly understand it today.

Two years ago, the American Bar Association Business Law Section Council established the Rule of Law Working Group, explicitly recognizing that business lawyers, as members of the Bar, have responsibility for not just honoring the rule of law but also for protecting and defending the Constitution, as we are sworn to do upon admission to the Bar. Why has this responsibility been assigned to lawyers? Are lawyers especially equipped to be the custodians of the rule of law?

Lawyers are educated, trained and professionally engaged unfailingly to comply with the Rules of Professional Conduct. These rules require us to be unflinchingly honest with clients, tribunals and each other as we engage on behalf of clients, and to be reasonable (i.e., to make fact-based arguments and proposals) when professionally engaged. We are also expected to assure, to the extent we can, that statutes and other normative rules are lawfully authorized and rationally interpreted and enforced, in order to promote the general welfare and secure the blessing of liberty, both currently and in the future, for the benefit and account of our clients and ultimately, also, the community at large.

These standards are explicitly set forth in the Preamble to the ABA Model Rules of Professional Conduct. “[1] A lawyer, as a member of the legal profession, is a representative of clients, an officer of the legal system and a public citizen having special responsibility for the quality of justice. … [6] … As a member of a learned profession, a lawyer should cultivate knowledge of the law beyond its use for clients, employ that knowledge in reform of the law and work to strengthen legal education. In addition, a lawyer should further the public’s understanding of and confidence in the rule of law and the justice system because legal institutions in a constitutional democracy depend on popular participation and support to maintain their authority.”  (Emphasis supplied.)

Of course, lawyers may reasonably be compensated for legal services rendered (Model Rule 1.5), but Model Rule 6.1, “Voluntary Pro Bono Publico Service,” states that “Every lawyer has a professional responsibility to provide legal services to those unable to pay.” Both of these rules and the principles embedded in them are conditions to our being licensed as lawyers. Thus, none of us can legitimately claim that our limited expertise or limited personal interest in knowing or caring about the rule of law, much less protecting and defending the Constitution, excuses us from respecting and indeed, honoring, these responsibilities, both in our professional practices and otherwise as “public citizens.”

What are the implications of this responsibility?

• What persons or institutions can or should determine normative behavior?
• What restraints, if any, are imposed on the deciders or enforcers of normative behavior for each of these categories?
• What gives the restraints, or lack thereof, authenticity or legitimacy?

How does the rule of law answer or provide guidance for the answers to each of these questions? This brief article is not the vehicle for definitively answering that question, but it is important – and for lawyers, necessary – to have a working knowledge of possible answers. Although the rule of law has applicability beyond the strictly legal realm (such as with respect to the philosophical concept of justice and also with respect to ethics and morality), lawyers over the ages have assumed the mantle of its custodian. It is submitted that our challenge and responsibility is to do our part in the circumstances we currently confront as practitioners and as citizens.

What can the buyer of an operating business recover as damages when the seller fails to indemnify the buyer for harm caused by the seller’s breach of a representation or warranty in the transaction contract? Modern case law and commentary describe mutually exclusive options: either dollar-for-dollar damages to recover out-of-pocket losses, or damages equal to the diminution in value of the business, which is often misleadingly described as damages “subject to a multiplier” or “at the multiple.”[1] The determinative question for deciding between these options, we are told, is whether the business has been permanently injured as a result of the issue giving rise to the breach. For example, if the breached representation concerns the status of a material customer relationship, some would suggest that the buyer must establish lost revenues from that customer “into perpetuity” to be entitled to diminution in value damages.[2] However, the notion that diminution in value damages are only appropriate if the business has suffered harm that will linger for eternity is a false construct, and a confusing way of expressing the simple concept that diminution in value damages are warranted only when the value of the business as acquired has actually been diminished by the seller’s breach. The confusion is compounded when the best way of calculating the diminution in the entity’s value involves using a multiple of earnings, and the valuation methodology is mischaracterized as producing a multiple of damages. Determining whether the value of a business has been diminished by a seller’s breach of representation or warranty (really, its breach of its obligation to indemnify for the loss caused by that breach) is hard enough, without muddying the waters with a misleading standard. This article will endeavor to dispel some myths haunting the measurement of damages in representation and warranties claims arising out of mergers and acquisitions.

Absent an express remedy in the contract, state common law is the starting point for determining damages for a breach of contract. While many states express the measure of damages arising from a breach of contract as “the amount of money that would put the non-breaching party in the same position that the party would have been in had the breach never occurred,”[3] that simple phrase leaves much open to interpretation and offers little real guidance in the M&A context. To place the buyer of an operating business into the position it should have held but for a breach of representation concerning the business, a court will typically award either the cost to “remedy the defect” caused by the breach (an out-of-pocket loss), or the diminution in the value of the business.[4] Ostensibly, the court selects an option which makes the buyer whole without an unwarranted windfall.

The easiest way to illustrate these damages options is through hypotheticals at the extremes. If the seller’s breach of warranty is an inflated representation of one, relatively minor, account receivable, the buyer could be placed in the position it would have been in but for the breach by awarding damages in the amount of the difference between the receivable as represented and in reality. This remedy makes the buyer whole, because the value of the entire business really has not been diminished by one inflated account receivable. At the other extreme, if the seller has fraudulently and grossly inflated its last twelve months’ earnings by using fictitious revenue from fictitious customers, then the value of the business as delivered to the buyer is materially different than the value as warranted. In that case, diminution in value damages are the only way to make the buyer whole.

But consider a more nuanced situation where the breach of representation or warranty concerns the status of a material customer relationship, and the relationship disappears upon the buyer’s purchase. Should the buyer be compensated for the lost profit from the relationship for some fixed period of time, maybe tied to the length of the business’ contract with the customer (if such a contract exists)? Or, should the buyer be compensated for the difference between the value of the business with an unimpaired customer relationship (as warranted) and the value without the relationship at all (as delivered)? There is scant case law from which to answer these questions, which only causes undue emphasis on the few cases that strive to do so.

Zayo Group, LLC v. Latisys Holdings, LLC, C.A. No. 12874-VCS, is one of the rare cases that does consider the type of damages to be awarded in a situation somewhat similar to the one described above, albeit only in dicta and limited to some very specific facts. Zayo involved the sale of an information technology infrastructure services business that primarily employed short-term contracts with its customers. The seller warranted that it had not received notice of the termination of, material modification of, or refusal to perform, its material contracts. The seller, however, did not warrant lack of notice of a customer’s intent not to renew a material contract. When several material contracts did not renew post-acquisition, the buyer brought suit. After trial, the court entered judgment for the seller, finding no breach of contract. Although the decision on liability was determinative of the case, the court considered the buyer’s claim for damages. A careful reading of the damages portion of the Zayo opinion reveals the court’s reliance on the seller’s expert as the source of what could be misunderstood as statements of the law of damages. For example, the court stated:

Benefit of the bargain—or expectancy—damages measure the difference between the as-represented value of a transaction (typically the purchase price) and the value the purchaser actually received. The actual value the purchaser received, in turn, must assume, and account for, a diminution of the company’s earnings into perpetuity. The “benefit of the bargain” methodology is appropriate for calculating damages only when the alleged breach of the representation or warranty has caused a permanent diminution in the value of the business (as a result of lost revenues into perpetuity) and the business has thereby been permanently impaired.[5]

As explained below, the italicized sentence, for which no legal authority is cited, is ripe for misinterpretation and serves as a poor teacher for any court seeking to determine whether out-of-pocket loss or diminution in value is the appropriate measure of damages.

Precise word choice matters, and this portion of the Zayo opinion uses temporal terms that cannot be read literally, leaving courts and practitioners alike to wonder how they should be applied. No buyer of a business could ever prove lost revenues from any customer into perpetuity. “Perpetuity” is defined as “eternity,” and “eternity” is defined as “infinite time.”[6] It is hard enough (impossible, actually) to prove that a customer would be a customer for eternity, but if the customer relationship has been lost, how does the business buyer prove that the customer would have been a customer for eternity after the customer is no longer a customer by its own volition?

Similarly, “permanent” is defined as “continuing or enduring without fundamental or marked change.”[7] While the loss of a material customer relationship could permanently diminish the value of a business, it is equally possible that such a loss could materially diminish the value of the business as sold (at the time of the acquisition), but over the course of time the business could recover.[8] Is the buyer only entitled to diminution in value damages in the former scenario, but not the latter? And, if the question turns on whether the value of the business will forever be diminished, or might at some point in the future recover, how could the parties and court even determine that within the timespan of a litigation commenced shortly after the sale?

The manner in which valuation professionals value businesses may be to blame for the misleading suggestion that lost revenue into perpetuity is a prerequisite for diminution in value damages. Valuation professionals typically value a business by making an informed estimate of the business’s future using its present and past performance as indicia of its prospects. Typically, the income stream used in the valuation of a business should be the expected income into “perpetuity,” but, that income into perpetuity is then discounted (through a discount rate or embedded within an earnings multiple) to capture the increasing and compounding risk that the income stream could stop after a given year and, therefore, not last into perpetuity. Effectively, depending on the discount rate, after about 15 to 20 years the expected discounted annual income could quickly approach $0. In other words, while “perpetuity” is the standard terminology used in valuing a business, it is a risk adjusted perpetuity, such that the valuation models typically reflect little incremental benefit from the income after 15 to 20 years in the future. The buyer of a business does not typically actually expect any business condition, let alone a revenue stream, to continue into perpetuity, further divorcing the aforementioned Zayo standard for the award of “expectancy damages” from the reality of what a business buyer expects from a transaction. This therefore begs the question of why, if the status of a material customer relationship is misrepresented and the objective value of the business as delivered is less than as warranted, a court would require a buyer to prove loss of perpetual income that no one contemplated simply to recover the difference in the value of the company as promised and as conveyed?

The use of the misnomer “damages subject to a multiplier” to explain diminution in value damages compounds the confusion caused by the misunderstanding of “perpetuity” for valuation purposes.[9] This phrase conflates the nature of the harm with the valuation methodology used to calculate the harm. A brief hypothetical illustrates the point: Assume a business is purchased for $100 million, and the purchase price was established under a market approach valuation using a 5x multiple against a trailing 12-month EBITDA of $20 million. The seller represents that it is unaware of any indication that its top ten customer relationships are in peril. That representation proves to be false; the seller was aware that a top, longstanding customer was planning to terminate its relationship, and the customer does so right after the sale. The customer was responsible for $2 million of EBITDA over the trailing 12 months. The buyer may argue that the appropriate calculation of damages is to use the market approach to determine the difference between the value of the business as warranted ($100 million) and as delivered. The buyer might then argue that the court should back out the lost customer’s contribution to the trailing 12-months EBITDA ($2 million) from the company’s total, and then reprice the business as it was originally priced, using a 5x multiple. This would result in an “as-delivered” value of $90 million (5 x $18 million). The difference between the business as warranted and as-delivered now is $10 million ($100 million – $90 million), thus the buyer’s diminution in value damages are $10 million.

Too often, however, the buyer’s damages in this scenario are described as “damages at the multiple” or as consequential damages, as if the buyer’s damages were actually $2 million, and are somehow being multiplied like a statutory enhanced damages award.[10] In fact, the buyer’s damages are $10 million, the difference between the price paid and the value of the company as delivered, and are only being calculated using a multiple in the market-based valuation methodology. Indeed, it is likely that the business without the customer relationship could be valued (and the same damages amount reached) using an income approach without a multiple but with a discount rate. Awarding any plaintiff or injured party a “multiple” of its actual damages sounds extreme, to be applied only in the most egregious of situations. But, in this hypothetical the buyer is not recovering a “multiple” of its damages, it is recovering the base value of its actual damages. Characterizing the amount as damages “at the multiple” or “subject to a multiplier” simply because a market approach is used to calculate the diminution in the company’s value will consciously or unconsciously bias courts against what is a just award.

A more honest – if not better – standard for determining when diminution in value damages are appropriate in mergers and acquisitions representations and warranties claims is akin to Justice Potter Stewart’s famous definition of pornography: “I know it when I see it.”[11] Notwithstanding its misleading use of “damages at the multiple” and “perpetuity” terminology, the AICPA Practice Aid that was heavily relied upon by the seller’s expert (and thus the court) in Zayo provides a simpler analysis: “Claims that result in dollar-for-dollar damage are typically those that have a one-time effect on the target and that do not impact the target financial condition in future periods (in other words, will not affect future cash flows).”[12] To determine whether a diminution in value has occurred, the AICPA Practice Aid advises that “[t]he primary question that should be asked and evaluated is, Has the buyer’s business been damaged into the future?”[13],[14] Damage that lasts into the future is more likely to be damage that affects the underlying value of the business at the time of the sale, but as suggested above, the future is not necessarily eternity.

Rather than trying to understand and adhere to misused concepts like “perpetuity,” “permanent,” or “at the multiple,” courts should employ a more holistic approach, focusing on the buyer’s actual expectations, the impact of the misrepresentation on the business after the transaction,[15] and a healthy dose of common sense. In Zayo, for example, a host of factors contributed to the court adopting the seller’s damages calculations, including that (i) no breach occurred (which explains why the damages portion of the opinion is dicta), (ii) the buyer’s expert had no valuation experience, and (iii) no buyer witness testified that the buyer would have paid less but for the alleged misrepresentation. However, the core of the court’s reasoning was that the underlying business “was a revolving door” of short-term contracts with short customer loyalty.[16] The loss of a few of these short-term customer relationships was to be expected and did not devalue the overall business in an amount greater than the lost contract renewal revenue (the out-of-pocket loss). Therefore, a “dollar-for-dollar” damages award would make the buyer whole, whereas a diminution in value recovery calculated using a multiple of EBITDA would result in a windfall to the buyer.

As the case law in this area develops, one would expect and hope to see more clarity around the standard for determining when diminution in value damages are appropriate. Diminution in value, after all, is the traditional remedy for a breach of warranty under the “benefit of the bargain” rule, i.e., the difference between the actual value of the property and the value which it would have had absent the breach.[17] As a result, one would expect diminution in value to be the default remedy for a contractual misrepresentation in the sale of a business, generally applicable absent a showing that it would result in a windfall. Eliminating the misconceptions that diminution in value damages require proof of lost revenue for eternity or that they equate to enhanced damages may hasten the arrival of such much-needed clarity.

[1] See, e.g., American Institute of Certified Public Accountants Forensic & Valuation Services Practice Aid for Mergers and Acquisition Disputes (“AICPA Practice Aid”), at 19 (“Depending on the nature of the alleged breach, claims for indemnification may result in dollar-for-dollar damages to recover out-of-pocket losses or damages subject to a multiplier in situations when a buyer can demonstrate that it overpaid for the target based on the alleged breach.”)

[2] Zayo Group, LLC v. Latisys Holdings, LLC, C.A. No. 12874-VCS, 2018 WL 6177174, *16 (Del. Ch. Nov. 26, 2018).

[3] Cobalt Operating, LLC v. James Crystal Enterprises, LLC, Civ. A. 714-VCS, 2007 WL 2142926, *29 (Del. Ch. July 20, 2007) (citing Del. Limousine Serv., Inc. v. Royal Limousine Serv., Inc., 1991 WL 53449, *3 (Del. Super. 1991)). See also, Merrill Lynch & Co., Inc. v. Allegheny Energy, Inc., 500 F.3d 171, 185 (2d Cir. 2007) (“A party injured by breach of contract is entitled to be placed in the position it would have occupied had the contract been fulfilled according to its terms.”) (citation omitted).

[4] See Universal Enterprise Group, L.P. v. Duncan Petroleum Corp., C.A. No. 4948-VCL, 2013 WL 3353743, *19 (Del. Ch. July 1, 2013). There is certainly an argument that the correct measure of damages is always, or almost always, diminution in value: “[W]here the seller makes misrepresentations about the business he is selling, the natural and probable result is that the business is actually worth less than the buyer paid, and diminution of value damages therefore compensate the buyer for ‘the value of the promised performance.’” Powers v. Stanley Black & Decker, Inc., 137 F. Supp. 3d 358, 386 (S.D.N.Y. 2015) (quoting Schonfeld v. Hilliard, 218 F.3d 164, 176 (2d Cir. 2000)).

[5] Zayo, C.A. No. 12874-VCS at 16 (citations omitted; emphasis added).

[6] https://www.merriam-webster.com/dictionary/perpetuity; https://www.merriam-webster.com/dictionary/eternity.

[7] https://www.merriam-webster.com/dictionary/permanent.

[8] Damages are measured at the time of the breach. Comrie v. Enterasys Networks, Inc., 837 A.2d 1, 17 (Del. Ch. 2003); Sharma v. Skaarup Ship Mgmt. Corp., 916 F.2d 820, 825 (2d Cir. 1990). For a breach of representation or warranty arising from the sale of a business, that time is typically the date the transaction closes.

[9] See supra, n.1.

[10] See AICPA Practice Aid, at 57 (“Indemnity claim damages can be measured two ways: dollar for dollar over a finite period or into perpetuity or at the multiple ….”); Powers, 137 F. Supp. 3d at 385-86 (holding that diminution in value damages are direct, not consequential, damages).

[11] Jacobellis v. Ohio, 378 U.S. 184, 197 (1964) (Stewart, J., concurring).

[12] AICPA Practice Aid, at 57.

[13] Id. at 59.

[14] In the sale of an operating business, past harm can create damage into the future. The import of representations and warranties is to protect against the possibility that the earnings assumptions on which the buyer relies in purchasing the business are not sustainable on a going-forward basis. Cobalt Operating, at *27. Thus, past harm (e.g., inflated revenue figures, or concealment of material customer relationship problems) often affects future cash flows.

[15] A word of caution: As noted above, damages are measured as of the date of the breach, which is usually the date of the transaction. See supra, n.5. Courts have taken very divergent views on whether the company’s performance after the transaction is probative of its value as of the date of the transaction. See, e.g., Merrill Lynch & Co., 500 F.3d at 185 (“The district court’s inquiry into [the business’s] performance and market conditions in the months following the acquisition was improper because events subsequent to the breach, viewed in hindsight, may neither offset nor enhance [the buyer’s] general damages.”)

[16] Zayo, C.A. No. 12874-VCS at *16.

[17] See, e.g., Clearview Concrete Products Corp. v. S. Charles Gherardi, Inc., 88 A.D.2d 461, 453 N.Y.S.2d 750, 756 (Sup. Ct., App. Div. 2^nd Dept. 1982) (citations omitted).

The temptation for anyone – including lawyers – to take part in a whistleblower bonanza is all but irresistible. Moreover, federal whistleblower legislation and the federal agencies authorized to provide monetary whistleblower awards continue to proliferate, the latest being the Anti-Money Laundering Act of 2020 (the “AMLA”),[1] which was enacted in January 2021. The AMLA provisions were modeled on others enacted as recently as 2010, and whistleblower awards over the past decade have been nothing short of bountiful.

On May 19, 2021, for example, the Securities and Exchange Commission (the “SEC”) awarded $28 million to a whistleblower based on charges and a recovery not from the particulars reported by the whistleblower, but from an investigation in another geographic area altogether that arose as a result of the original tip. That is, the tip reporting wrongdoing in one geographic region did not itself lead to any recovery, but led to investigations by the SEC and another agency that ultimately resulted in charges and recovery in another geographic region not reported by the whistleblower.

In general, an agency authorized to provide whistleblower awards does so as a result of moneys collected in a judicial or administrative action (a “Covered Action”), provided the sum collected is at least $1 million. In aid of a Covered Action can be another judicial or administrative action brought by another entity[2] based upon the original information provided by the whistleblower (a “Related Action”). The Final Order in the aforementioned May 2021 award noted that, although “the Covered Action’s and the Related Action’s charges involved misconduct in geographical regions that were not the subject of the Claimant’s information” and there was “not a strong nexus between the Claimant’s information and the . . . charges,” an award would nonetheless be granted that “appropriately recognizes Claimant’s level of contribution to the Covered Action and Related Action.”

Another whistleblower award of similar magnitude was issued on April 20, 2020, when the SEC announced the payment of a bounty of more than $27 million to a whistleblower who alerted the agency to misconduct occurring, in part, overseas. But that award did not even make it onto the list of the top 10 awards ever paid by the SEC, which has now made over $900 million in whistleblower awards. As these awards may, by statute, only be from 10% to 30% of the amounts recovered, simple arithmetic tell us that, based on information from whistleblowers, the SEC has since collected anywhere from $3 to $9 billion for violations of the federal securities laws.[3]

These whistleblower awards are given pursuant to express authority contained in the Dodd-Frank Wall Street Reform & Consumer Protection Act of 2010 (“Dodd-Frank”).[4] The $28 million award in May 2021 is only the 10th largest the SEC has granted since inception of the program. The largest thus far was a whopping $114 million, issued on October 22, 2020, of which $52 million came from the SEC and the balance of $62 million from another agency, the identity of which is redacted in the Final Order.

“Where do I sign up?,” you may well ask. Receiving money of this magnitude is truly a life-changing event and creates a powerful incentive for anyone to provide information to the government that is likely to lead to large recoveries for fraud. This article therefore considers the propriety of a lawyer receiving a financial award for acting as a whistleblower[5] under recent federal programs authorizing rather munificent bounties. In the majority of cases, receipt by a lawyer of such an award would be not unjust enrichment, but rather unethical enrichment.

Whistleblowing by a lawyer all by itself – i.e., even without the added layer of financial incentive – is problematic in legal ethics, not only because it raises serious questions about disclosure of confidential client information but also because uncertainty surrounds a federal administrative agency’s assertion of authority to preempt state analogues of the Model Rules. The prospect of substantial financial gain[6] compounds the problem by creating incentives that, by their very nature, run counter to two fundamental and virtually peremptory norms of the legal profession: avoiding conflicts of interest under Model Rule 1.7 and either Model Rule 1.8 (for current clients) or Model Rule 1.9(c) (for former clients), as well as preserving the confidentiality of client information under Model Rule 1.6.

While reference is occasionally made by analogy in this article to judicial decisions addressing the question of lawyers receiving financial awards in qui tam actions[7] arising under the federal False Claims Act (“FCA”), this discussion will not address recovery by a lawyer as a “relator”[8] under the FCA or any of the many state analogues[9] of that statutory scheme.

Before proceeding, let’s briefly acknowledge the “elephant in the room”: A cynical lawyer might postulate, purely from a financial or retirement planning perspective, that the magnitude of whistleblower bounties makes the prospect of severe disciplinary action – even suspension or disbarment – an acceptable risk. The author will not comment on this risk-reward conjecture, other than to point out that the risk should not be underestimated, because the pot of gold at the end of the rainbow may not be found. The behavior that may give rise to discipline would always antedate any whistleblower award, neither the receipt nor the magnitude of which is a “sure thing” — dependent as they are upon:

1. a determination by one or more government agencies to investigate;
2. the outcome of the investigation;
3. a decision to prosecute an enforcement action on the basis of that investigation;
4. the success of that enforcement action; and
5. the ultimate monetary recovery by the government.

In the English version of an adage from the ancient world, “There’s many a slip ‘twixt the cup and the lip.”

BACKGROUND

The whistleblowing provisions in question have been created by two separate regimes. The older one, scarcely more than a decade old, was enacted in Dodd-Frank; the more recent – enacted in 2021, in fact – is the AMLA.

The Dodd-Frank Regime

There are two pertinent provisions of Dodd-Frank. Section 748 amended the Commodity Exchange Act of 1936 (the “CEA”)[10] by adding a new Section 23, entitled “Commodity Whistleblower Incentives and Protection.” That provision directs the Commodity Futures Trading Commission (the “CFTC”) to pay awards, subject to certain limitations and conditions, to whistleblowers who voluntarily provide it with “original” information about a violation of the CEA that leads to the successful enforcement of an action brought by the CFTC that results in monetary sanctions exceeding $1,000,000, or the successful enforcement of a related action.[11] The CFTC promulgated a final rule[12] and created a “Whistleblower Program” to implement this provision. Similarly, Section 922 of Dodd-Frank amended the Securities Exchange Act of 1934 (the “Exchange Act”)[13] by adding a new Section 21F, directing the SEC to do likewise, mutatis mutandis.[14] The SEC has established its own “Office of the Whistleblower” and promulgated a final rule (since amended) to implement the elements of its respective statutory authorizations.[15] If an eligible whistleblower’s information leads to recovery by either the CFTC or the SEC of $1 million or more, then the whistleblower may receive anywhere from 10% to 30% of the actual amount recovered in the action or related actions.[16]

AMLA

A 1984 statute authorized the Treasury to pay an award to whistleblowers for original information about violations of the anti-money laundering laws[17] if it led to a criminal fine, civil fine, or asset forfeiture of at least $50,000, and capped the award at the lesser of 25% of the net amount collected or $150,000.[18] Modeled largely on the Dodd-Frank approach, the AMLA significantly enlarges this authority by authorizing Treasury to pay whistleblower awards of up to 30% for information leading to enforcement actions that result in penalties, disgorgement, and interest of at least $1 million.[19] The whistleblower must provide original information relating to a violation of the BSA to (1) the whistleblower’s employer, (2) Treasury, or (3) the Department of Justice. Any whistleblower who makes an anonymous claim for an award must be represented by counsel and will have to disclose the whistleblower’s identity before receiving the bounty.

In view of the newness of these provisions and the absence (as of this writing) of any final regulations implementing this new authority, the discussion that follows will focus on the ethics implications of the substantially similar Dodd-Frank whistleblower provisions, with which there have been 10 years of experience.

The Details under Dodd-Frank

To be eligible for a financial award from either of the Commissions, a whistleblower must meet certain statutory criteria. First, the whistleblower’s information must have been voluntarily provided and must lead to successful enforcement of a Covered Action[20] or Related Action.[21] Second, what the whistleblower provides must be “original information,” which means that it is:

• derived from the whistleblower’s “independent knowledge or independent analysis,”[22]
• not otherwise known from a source other than the whistleblower, and
• not “exclusively derived from an allegation made in a judicial or administrative hearing or government report, hearing, audit, or investigation, or from the news media, unless the whistleblower is a source of the information.”[23]

Third, the whistleblower may not knowingly and willfully make any false, fictitious, or fraudulent statement or representation, or use any false writing or document knowing that it contains any false, fictitious, or fraudulent statement or entry.[24]

As noted above, an eligible whistleblower may receive anywhere from 10% to 30% of the actual amount recovered by either of the Commissions, provided that the amount recovered is at least $1 million. The minimum award payable under the Dodd-Frank regime is therefore $100,000 (which is 10% of $1 million), but there appears to be no upper limit, as recoveries by the Commissions (and therefore whistleblower awards) can easily be in the millions or tens of millions of dollars. [25]

The magnitude of any such potential award – truly a life-changing amount of money – creates an ethically precarious situation for a lawyer whistleblower. Awards of this dimension provide a temptation toward thinking with less than complete objectivity, a temptation to which any person, including a lawyer, could easily succumb.

The Commissions, to their credit, limit the ability of lawyers to be eligible whistleblowers:

• The CFTC’s approach is to exclude from the “independent knowledge” component information that is obtained (A) via a communication that was subject to the attorney-client privilege or (B) “[i]n connection with the legal representation of a client on whose behalf the whistleblower, or the whistleblower’s employer or firm, have been providing services, and the whistleblower seek[s] to use the information to make a whistleblower submission for the whistleblower’s own benefit,” unless, in either instance, the disclosure is otherwise permitted by the applicable federal or state attorney conduct rules.[26]
• The SEC’s approach is to acknowledge from the outset the “special duties” lawyers owe their clients and the importance of furthering consultation between issuers of securities and their counsel in promoting overall compliance with the federal securities laws.[27] Thus, the SEC’s Dodd-Frank regulations announce that a lawyer will not generally be credited with providing “original information” if that information was obtained (1) from confidential communications subject to the attorney-client privilege, (2) from the legal representation of a client, or (3) from association with a firm retained by an organization to conduct an inquiry into possible violations of law, unless, in the case of (1) and (2), disclosure is permitted by the standards of lawyers’ professional conduct issued by the SEC in 2003[28] pursuant to the Sarbanes-Oxley Act (“SOX”),[29] by applicable state attorney conduct rules, or “otherwise.”[30]

The SEC’s lawyer conduct rules allow disclosure of client confidences outside the issuer organization only after the lawyer has reported “up the ladder” within the issuer’s organizational structure information about a “material violation”[31] by the “issuer”[32] or an officer, director, employee, or agent of the issuer.[33] The Part 205 rules do not mandate “reporting out” to the SEC but permit it, without the issuer’s consent – to the extent the lawyer reasonably believes necessary – in certain situations.[34]

At the same time, however, by incorporating the SOX regulations into the Dodd-Frank whistleblower framework, the SEC introduced a “wild card” into the ethics calculus, namely the assertion by the SEC and one of its former General Counsel that its SOX regulations preempt[35] inconsistent state ethics rules, at least with respect to that subset of the bar over which the SEC has any colorable authority (i.e. attorneys “appearing and practicing”[36] before the SEC).[37]

ETHICAL IMPLICATIONS

The Dodd-Frank whistleblower provisions create a significant ethical dilemma for the legal profession, especially for lawyers who practice (whether as in-house counsel or outside counsel) in the securities regulatory and commodities regulatory spheres. The dilemma arises from the magnitude of the awards, as the question of whether lawyers may ethically “blow the whistle” on clients, not just in the financial regulatory arena but across the spectrum of law practice, has already been settled in the Model Rules.

Conflicts of Interest

Model Rule 1.7 – Current Client

The enormous incentive to blow the whistle represented by the award levels authorized under Dodd-Frank seems ineluctably to create an impermissible conflict of interest for a lawyer[38] under Model Rule 1.7. Model Rule 1.7(a) prohibits (subject to a four-part set of exceptions enumerated in paragraph (b) but not pertinent here[39]) a lawyer from representing a client in the face of a concurrent conflict of interest, which exists if, inter alia, “the representation . . . will be materially limited by . . . a personal interest of the lawyer.”[40]

During the SEC’s Dodd-Frank whistleblowing rulemaking, the ABA expressed concerns about the impact of potential financial awards on the attorney-client privilege:

The ABA is concerned that any provisions in the final rules that would entitle whistleblowers to collect substantial awards may create a strong incentive for a lawyer to compromise his or her ethical obligations and undermine the client confidence that the U.S. Supreme Court recognized in the Upjohn case as critical to assuring the continued effectiveness of the attorney-client privilege and the work product doctrine. A client’s awareness that its attorneys may use information provided confidentially to obtain large whistleblower awards could well prevent the free flow of information necessary to the client’s right to effective counsel.[41]

The Dodd-Frank whistleblowing scenario, and the sheer size of potential awards payable by the Commissions, assume Brobdingnagian proportions when compared with considerations identified in two ABA ethics opinions addressing potential financial interest conflicts.[42] It is difficult to conceive that either of those contexts (an amount advanced as bail for a client or a security interest to guarantee payment of legal fees) would represent monetary amounts even remotely comparable to the order of magnitude of Dodd-Frank whistleblower awards. Yet even far smaller sums than those have been deemed sufficient to trigger the personal interest conflict under Model Rule 1.7(a).[43]

Even more so here, the magnitude of the lawyer’s pecuniary interest in the potential award irrevocably undermines any ability on the lawyer’s part to be a neutral and objective provider of legal advice. It is difficult to imagine, under the standard embodied by Model Rule 1.7(a)(2), a limitation more “material,” a lawyer’s interest more “personal,” or a conflict more trenchant and unyielding.

The correctness of this conclusion can be seen by comparison to the Second Circuit’s decision in United States v. Schwarz,[44] in which a lawyer representing one of two police officers charged with assaulting a suspect in custody subsequently received a $10 million retainer to represent the Police Benevolent Association in a civil action brought by the victim of the alleged assault. In contrast to what is possible under the whistleblower scenario, the police officer client actually gave informed consent to the potential conflict.[45] Nevertheless, the court held that the conflict was not waivable, as the lawyer’s financial interests “so permeated the defense that no meaningful waiver could be obtained.”[46]

The same conclusion was reached in the Dodd-Frank context by the New York County Law Association’s Committee on Professional Ethics in a 2013 opinion.[47] Viewing the ethical issues surrounding whistleblowing by lawyers in the abstract, the opinion interpreted New York’s version of Model Rule 1.7 and found that such a financial incentive “might tend to cloud a lawyer’s professional judgment.”[48] The opinion continued, “the potential payment of an anticipated whistleblower bounty in excess of $100,000 presumptively gives rise to a conflict of interest between the lawyer’s personal interest and that of the client.”[49]

Model Rule 1.7(b) raises the possibility that a personal interest conflict can be waived and consented to by the client.[50] Even in the case of a waiver of conflict, however, there is, as the NYCLA concluded, a “‘significant risk’ that the lawyer’s professional judgment or representation will be adversely affected by the lawyer’s personal interest, [and] in some circumstances the whistleblower-bounty conflict may be unwaivable.”[51]

To sum up: In the vast majority of situations – in view of the secrecy that underlies the whistleblowing process, the adversarial nature of the conduct, and the magnitude of the awards –

• Dodd-Frank whistleblowing
• on a current client
• by a lawyer acting as a lawyer
• who is eligible to receive a monetary award from either of the Commissions

creates an impermissible and unconsentable conflict of interest proscribed by Model Rule 1.7(a).

This author does not go so far as to suggest that there can never be circumstances in which a Dodd-Frank whistleblower award could ethically be sought by a lawyer who is acting as a lawyer. For example, it is conceivable that an individual lawyer might have so much personal or family wealth that even the magnitude of a Dodd-Frank whistleblower award would have no effect on that lawyer’s objectivity. Such circumstances, it is fair to assume, will be extremely rare, however, and so for the vast majority of lawyers, seeking such an award for information provided to one or both of the Commissions may constitute profoundly unethical conduct. Other possible exceptions might arise as contemplated by the Commissions’ regulations if, for example, outside counsel is participating in an internal corporate investigation into wrongdoing and has a reasonable basis for believing that disclosure of the information to either of the Commissions is necessary to prevent conduct that is likely to cause substantial injury to the financial interest or property of the entity or investors or that will impede an investigation of the wrongdoing.[52] An exception may also exist where at least 120 days have elapsed since the lawyer whistleblower provided the information to the relevant entity’s audit committee, chief legal officer, chief compliance officer (or their equivalents), or the whistleblower’s supervisor.[53]

Model Rule 1.8 – Current Client

In addition to Model Rule 1.7, a conflict of interest governed by Model Rule 1.8(a) arises where a lawyer knowingly acquires a pecuniary interest adverse to a client. Model Rule 1.8 is commonly understood to apply to business transactions with a client, but the “pecuniary interest” language is not limited to that context. The Rule proscribes entering into “a business transaction with a client or knowingly enter[ing] into an ownership, possessory, security or pecuniary interest adverse to a client.” (Emphasis added). The use of the disjunctive contemplates an ownership-based conflict for these categories of interests even in the absence of a business transaction with a client.

The “pecuniary interest” conflict exists unless all three conditions in Model Rule 1.8(a)(1)-(3) are satisfied. As these include full written disclosure, written advice that the client take legal advice from an independent source, and the client’s informed consent, the conditions simply cannot be met in the Dodd-Frank whistleblowing context.

Therefore, merely by arranging to be eligible for a substantial monetary award in the amount of 10% to 30% of any amount in excess of $1 million recovered from the client by either of the Commissions based on lawyer-supplied “original information,” the lawyer acquires the proscribed adverse pecuniary interest in violation of Model Rule 1.8(a).

In addition, Model Rule 1.8(b) prohibits a lawyer from using “information relating to representation of a client to the disadvantage of the client unless the client gives informed consent, except as permitted or required by these Rules.” Paramount among the “permitted or required” instances that might arise in the Dodd-Frank whistleblower context are the provisions of Model Rule 1.6(b)(2)-(3), which authorize, respectively, disclosure to prevent a client’s concurrent crime of fraud and disclosure to prevent, mitigate, or rectify a client’s prior crime or fraud, which, in each instance, is reasonably certain to result (or, in the case of prior client misconduct, has already resulted) “in substantial injury to the financial interests or property of another and in furtherance of which the client has used the lawyer’s services.” The extent of the disclosure must be what the lawyer “reasonably believes necessary” to accomplish these aims.

Assuming that a client engaged in wrongdoing of this magnitude is unlikely to give informed consent, a lawyer’s blowing the whistle to either of the Commissions is prohibited by Model Rule 1.8(b) as using confidential information relating to the representation to the disadvantage of the client, unless all three of the following conditions are met:

• the lawyer’s services were used in furtherance of a crime or fraud;
• which is reasonably certain to cause, or has already caused, substantial injury to the financial interests or property of one or more third parties; and
• the extent of the disclosure is reasonably believed by the lawyer to be necessary to prevent, mitigate, or rectify the client’s crime or fraud.

Model Rule 1.9 – Former Client

Model Rule 1.9(c)(1) prohibits the use of information relating to the representation of a former client to the disadvantage of the former client except as the Rules permit or require. The analysis is thus essentially the same[54] as what was just discussed under Rule 1.8(b). In applying New York’s version of Model Rule 1.9, NYCLA Op. 746 reached the same conclusion.

Common Law Fiduciary Duty

In addition to violations of the conflicts of interest provisions under the Model Rules, whistleblowing under the Dodd-Frank regime would violate a lawyer’s fiduciary duty at common law that would be breached were a lawyer to appropriate and disclose information of a current or former client for the lawyer’s own profit.[55] In the Restatement’s formulation, a lawyer is prohibited, except with the client’s consent, from using “confidential information of a client for the lawyer’s pecuniary gain other than in the practice of law [and] must account for any profits made by the use of such information.”[56] This strict duty, which applies even when the disclosure is permissible under the Model Rules and even when the client is not harmed by the disclosure, is an outgrowth of the common law of agency:[57]

The strict confidentiality duty of the Subsection is warranted for prophylactic purposes. A lawyer who acquires confidential client information as a result of a representation should not be tempted by expectation of profit to risk a possibly incorrect assessment of future harm to a client. There is no important societal interest in permitting lawyers to make unconsented use or revelation of confidential client information for self-enrichment in personal transactions.[58]

The prospect of having to account to the client and make restitution of the lawyer’s profit from whistleblowing would remove any temptation to violate the rules of professional conduct and risk disbarment in anticipation of living on easy street because of the magnitude of the anticipated bounty. Yet this prospect is illusory because of the mandated secrecy, noted above, surrounding Dodd-Frank whistleblower activities. The client will never know whether the “covered judicial or administrative action” was based on information provided by a whistleblower or, if so, who that whistleblower was. This practical difficulty underscores the need for the rules of professional conduct to act as a deterrent.

Confidentiality

In General

Model Rule 1.6 requires lawyers to refrain from disclosing confidential client information or using it adversely against the client, unless the client consents or an exception applies. The duty of confidentiality sweeps broadly. In particular, “confidential” information includes much more than information protected by the attorney-client privilege or work product doctrine. Under Model Rule 1.6 (as well as under many state incarnations), “confidential” information includes “all information relating to the representation, whatever its source.”[59]

The confidentiality rationale rests on the vital importance society places upon the “full, free and frank” exchange between lawyer and client, shielded from the intrusive eyes and ears of others, including the government. Without assurances of confidentiality, critical discussions between lawyer and client would necessarily be limited in a manner that would negatively affect the former’s ability to serve the latter. The benefits of confidentiality have long been recognized. As Chief Justice Lemuel Shaw of the Massachusetts Supreme Judicial Court said almost 200 years ago:

This principle we take to be this; that so numerous and complex are the laws by which the rights and duties of citizens are governed, so important is it that they should be permitted to avail themselves of the superior skill and learning of [attorneys] both in ascertaining their rights in the country, and maintaining them most safely in court … that the law has considered it the wisest policy to encourage and sanction this confidence, by requiring that on such facts the mouth of the attorney should be forever sealed.[60]

Consistent with this policy, lawyers must be able to gather all the necessary information and be free to explore with the client the client’s options. If a client perceives a “threat that these confidential communications will be shared with those whose interests may be adverse to the client, the chilling effect on the lawyer-client relationship becomes plain.”[61]

“A fundamental principle in the client-lawyer relationship is that, in the absence of the client’s informed consent, the lawyer must not reveal information relating to the representation.”[62] Disclosure of confidential information of any client is authorized under Model Rule 1.6 “to the extent the lawyer reasonably believes necessary”[63] either “to prevent the client from committing a crime or fraud that is reasonably certain to result in substantial injury to the financial interests or property of another”[64] or “to prevent, mitigate, or rectify substantial injury to the property of another,”[65] in each case where the client has used the lawyer’s services in furtherance of the crime or fraud. Those disclosure exceptions are simply not available where the lawyer’s services have not been so used.

Furthermore, with respect to an organizational client, the prescribed approach is set out in Model Rule 1.13, which requires a lawyer who knows of corporate misconduct to report such misconduct up-the-line (to the board of directors if necessary) unless the lawyer believes it is “not necessary in the best interest of the organization” to do so. Disclosure outside the organization without its consent is limited to situations where the highest authority in the organization has failed to address the legal violation the lawyer has reported and the lawyer “reasonably believes that the violation is reasonably certain to result in substantial injury to the organization” – and even then only “to the extent necessary to prevent substantial injury to the organization.”[66] In the case of an attorney who has been engaged to investigate matters within the corporation or to defend the organization or its constituents, however, reporting any discovered misconduct outside the organization is forbidden.[67]

Although the existence of conflicts of interest is enough of an ethical proscription against lawyers collecting bounties for Dodd-Frank whistleblowing, NYCLA Op. 746 devoted the majority of its analysis to confidentiality under applicable New York rules of professional responsibility. Because of the complexity of the regulatory framework established by the SEC in particular, which resurrects judicially unresolved questions of preemption first aired in the SOX era, some additional points are noteworthy.

Effect of the Dodd-Frank Regulatory Framework

The Commissions, in their respective regulations, limit the ability of lawyers to be eligible whistleblowers. The lodestar is the source of the information being conveyed by the whistleblower. As noted above, only “original” information qualifies. Information obtained by those occupying positions with fiduciary or quasi-fiduciary obligations (which would include in-house counsel and outside counsel)[68] is generally not considered “original,” but there are some exceptions as described below. Furthermore, the original information must be “voluntarily” provided. That means it must be provided prior to any request to the whistleblower (or anyone representing the whistleblower) from the Commissions, any other federal or state authority (e.g., DOJ or a State Attorney General), Congress, or any SRO about a matter to which the information in the whistleblower’s submission is relevant.[69]

The CFTC’s approach is to exclude from the “independent knowledge” component[70] any information that is:

1. obtained via a communication that was subject to the attorney-client privilege, or
2. in connection with the legal representation of a client on whose behalf the whistleblower (or the whistleblower’s employer or firm) have been providing services, and that the whistleblower seeks to use to make a submission for the whistleblower’s own benefit, unless, in either instance, the disclosure is otherwise permitted by the applicable federal or state attorney conduct rules.[71]

The SEC’s approach is to acknowledge from the outset the “special duties” lawyers owe their clients and the importance of furthering consultation between issuers of securities and their counsel in promoting overall compliance with the federal securities laws.[72] Thus, the SEC’s Dodd-Frank regulations announce that a lawyer will not generally be credited with providing “original information” if that information was obtained (1) from confidential communications subject to the attorney-client privilege, (2) from the legal representation of a client, or (3) from association with a firm retained by an organization to conduct an inquiry into possible violations of law, unless, in the case of (1) and (2), disclosure is permitted by the standards of lawyers’ professional conduct issued by the SEC in its 2003 Part 205 rules,[73] by applicable state attorney conduct rules, or “otherwise.”[74]

By incorporating the Part 205 rules into the Dodd-Frank whistleblower framework, however, the SEC introduced some complexities into the ethics calculus. These complexities include not only exceptions to the requirement of confidentiality that are not found in the Model Rules, but also the (as yet untested) assertion by the SEC that its regulations preempt state avatars of the Model Rules in certain circumstances.

Dodd-Frank whistleblowing, by its nature, entails “reporting out” – specifically to the government. Yet the SOX regulations invoked by the SEC do not contemplate “reporting out” except in exceptional circumstances. To begin with, those regulations do not apply to all lawyers but only to a subset: those “appearing and practicing” before the SEC. Secondly, the default requirement for such attorneys under the Part 205 regulatory regime is emphatically not blowing the whistle to the SEC; rather, those regulations require reporting “evidence of a material violation”[75] of the securities laws by the issuer (or any of its officers, directors, employees or agents) to the CEO or, perhaps more likely, the Chief Legal Officer,[76] and thereafter if no satisfactory action is taken, “up the ladder” within the corporate organization, all the way to the board of directors if necessary. [77] This procedure is, in essence, consistent with Model Rule 1.13(b), though the latter requires not merely credible evidence of a reasonably likely violation but actual knowledge[78] of an existing or impending violation.

Incorporating the Part 205 rules into the Dodd-Frank whistleblower framework also inserts into the analysis a potential “wild card,” namely the assertion, made both by the SEC and by one of its former General Counsel,[79] that the SOX regulations[80] preempt inconsistent state ethics rules,[81] at least with respect to that subset of the bar over which the SEC has any colorable authority (to wit: attorneys “appearing and practicing” before the SEC). If the SEC’s whistleblower regulations preempt inconsistent state ethics rules, that could theoretically preclude state disciplinary action and the salutary effect on attorney conduct of the threat of such disciplinary action for flagrant violations of confidentiality, privilege, and conflict of interest rules.

The preemption debate began shortly after promulgation of the final Part 205 rules, with both the Washington State Bar[82] and the California Bar[83] taking the position that the SEC lacked preemption authority.[84] In the intervening years, no court has yet had occasion to rule on the SOX/state ethics rules preemption question.[85]

Logically, however, it would seem that whatever legal or policy arguments might support preemption in the SOX/Part 205 context are simply absent in the Dodd-Frank whistleblower context. For one thing, there was not – and cannot have been – any preemptive intent regarding regulation of the Bar on the part of Congress when enacting Dodd-Frank, since the two whistleblower provisions predominantly apply to individuals who are not lawyers. More tellingly, in enacting Dodd-Frank Congress was very attentive to preemption issues and specifically legislated on that topic in other areas,[86] but Section 922 (the SEC whistleblower provision) is silent on preemption.[87] For another, the secrecy requirements of Dodd-Frank whistleblowing are, in the case of a lawyer-whistleblower, incompatible not only with the default confidentiality principles of the Model Rules and the attorney-client privilege but also the SEC’s own Part 205 rules, which require internal, up-the-ladder reporting and contemplates “reporting out” only when that default procedure does not function as intended.

Accordingly, confidentiality principles are another reason to be chary of whistleblowing by lawyers. Such whistleblowing constitutes disclosure of client information in violation of the default confidentiality provisions of the Model Rules and may only be done ethically where those Rules (or their state avatars) expressly so permit or require.[88]

CONCLUSION

Seeking a monetary award from the SEC or the CFTC for whistleblowing on a client almost certainly creates a personal interest conflict, within the meaning of Model Rule 1.7(a)(2). Disclosing the client’s information to a federal agency, other than as specifically authorized under the Model Rules, violates the confidentiality requirements of Model Rule 1.6. A lawyer, acting as a lawyer, who pursues such an award does so at extreme peril of disciplinary action and should, at a minimum, consult the ethics rules and authorities in each jurisdiction in which he or she is admitted.

[1] This constitutes Titles 60-63 of the massive (nearly 1500 pages) William M. (Mac) Thornberry National Defense Act of 2021, Pub. L. No.: 116-283, §§ 6001 et seq. Another, related piece of the puzzle is Title 64, the Corporate Transparency Act ( the “CTA”), establishing disclosure requirements for beneficial owners of certain business enterprises. The Business Law Section has already done two “In the Know” webinars on the CTA, one addressing the substance and the other addressing some of the ethical implications.

[2] Possible other entities include: the Department of Justice; an appropriate department or agency of the Federal Government, acting within the scope of its jurisdiction; a self-regulatory organization; a state attorney general in connection with a criminal investigation; an appropriate state regulatory agency or department. Other possibilities are, in the case of commodities-related whistleblowers, a foreign futures authority; and in the case of securities-related whistleblowers, the Public Company Accounting Oversight Board, a foreign securities authority, and a foreign law enforcement authority. See 7 U.S.C. § 26(h)(2)(C)(I)-(VI); 15 U.S.C. § 78u-6(h)(2)(D) (I)-(VIII).

[3] Actually, the recovery amount may be somewhat higher, since the statute does not authorize whistleblower awards for collection of monetary sanctions of $1 million or less. See 15 U.S.C. § 78u-6(a)(1) (definition of “covered judicial or administrative action”).

[4] Pub. L. No. 111-203, 124 Stat. 1326 (2010).

[5] The term “whistleblower” is susceptible of many different definitions in different contexts. See Julian W. Kleinbrodt, Pro-Whistleblower Reform in the Post-Garcetti Era, 112 Mich. L. Rev. 111, 113 (2013) (observing that “[t]here is no single definition of a whistleblower, and it takes on different contours in different contexts”). Although the term is neither defined nor used in the ABA Model Rules of Professional Conduct (2018) [hereinafter the “Model Rules”], references in this article to a lawyer as “whistleblower” should be understood to mean a lawyer who reports a client’s wrongdoing to a governmental or law enforcement agency. Cf. Black’s Law Dictionary (9th ed. 2009) (defining a whistleblower as “[a]n employee who reports employer wrongdoing to a governmental or law-enforcement agency”).

[6] As discussed below, the minimum award payable is $100,000 and could fairly easily reach millions of dollars.

[7] The descriptor qui tam is short for the Latin phrase “qui tam pro domino rege quam pro se ipso in hac parte sequitur,” which refers to one who brings an action on behalf of the king as well as himself. This regime, despite certain similarities, is conceptually different from the Dodd-Frank regulatory whistleblower landscape considered in this article.

[8] A “relator” is an individual who brings suit under the FCA in the name of the government, which has sixty days to intervene in the action. If the government declines to intervene, the relator may proceed alone. 31 U.S.C. § 3730(b). If the action is successful, the relator stands to receive an award of 15-25% of the proceeds (whether a verdict or settlement) if the government has intervened and litigated the matter and between 25-30% if the government has not intervened. 31 U.S.C. § 3730(d). State false claims acts operate in similar fashion.

[9] E.g., the N.Y. False Claims Act, N.Y. State Fin. Law §§ 187 et seq.

[10] 7 U.S.C. §§ 1 et seq.

[11] Dodd-Frank § 748, 124 Stat. 1739 (creating CEA § 23, 7 U.S.C. § 26).

[12] CFTC, Final Rules for Implementing the Whistleblower Provisions of Section 23 of the Commodity Exchange Act, 76 Fed. Reg. 53,172 (Aug. 25, 2011) (codified at 17 C.F.R. §§ 165.1 et seq.).

[13] 15 U.S.C. §§ 78a et seq.

[14] Dodd-Frank § 922 (creating Section 21F of the Exchange Act, 15 U.S.C. § 78u-6).

[15] See SEC, Securities Whistleblower Incentives and Protections, 76 Fed. Reg. 34,300 (June 13, 2011) (codified at 17 C.F.R. §§ 240.21F-1 et seq.) [hereinafter “SEC Dodd-Frank Release”].

[16] 7 U.S.C. § 26(b)(1) (CFTC); 15 U.S.C. §78u-6(b)(1) (SEC). The CFTC and the SEC shall jointly be referred to hereinafter as the “Commissions.”

[17] E.g., Currency and Foreign Transactions Reporting Act of 1970, Pub. L. No. 91-508, 84 Stat. 1114 (1970) (codified as amended in scattered sections of 12, 18, and 31 U.S.C. and commonly known as the “Bank Secrecy Act”) [hereinafter referred to as the “BSA”].

[18] 31 U.S.C. § 5323(a)-(b).

[19] Pub. L. No. 116-283, § 6314.

[20] 7 U.S.C. § 26(b)(1) (CFTC); 15 U.S.C. § 78u-6(b)(1) (SEC). As noted earlier, the term “covered judicial or administrative action” means any judicial or administrative action brought by the CFTC or the SEC, as the case may be, that results in monetary sanctions exceeding $1million. 7 U.S.C. § 26(a)(1) (CFTC); 15 U.S.C. § 78u-6(a)(1) (SEC).

[21] A “related action” is defined as a judicial or administrative action brought by a statutorily designated entity that is based upon the original information provided by a whistleblower that led to the successful enforcement by either of the Commissions of a “covered judicial or administrative action.” 7 U.S.C. § 26(a)(5) (CFTC); 15 U.S.C. § 78u-6(a)(5) (SEC). Statutorily designated entities include, inter alia, (1) the Department of Justice; (2) an appropriate Federal regulatory authority (e.g., one of the bank regulatory agencies); (3) a self-regulatory organization; (4) a State attorney general in connection with any criminal investigation; (5) an appropriate State regulatory authority; and (6) a foreign law enforcement or regulatory authority. See 7 U.S.C. § 26(h)(2)(C)(i) (CFTC); 15 U.S.C. §78u-6(h)(2)(D)(i) (SEC).

[22] These concepts are not defined in Dodd-Frank but are defined by the Commissions in their separate regulations. The term “independent knowledge” means factual information in the whistleblower’s possession that is not derived from publicly available sources. The term “independent analysis” means the whistleblower’s examination and evaluation (whether performed alone or with others) of information (including publicly available information), which then reveals information that is not generally known or available to the public. See generally 17 C.F.R. § 165.2(g)-(h) (CFTC), 17 C.F.R. § 240.21F-4(b)(2)-(4). (SEC).

[23] 7 U.S.C. § 26(a)(4) (CFTC); 15 U.S.C. §78u-6(a)(3) (SEC).

[24] 7 U.S.C. § 26(m) (CFTC); 15 U.S.C. § 78u-6(i) (SEC). Such false or fraudulent statements or conduct are independently criminalized under 18 U.S.C. § 1001 and, in the case of a whistleblower who is a lawyer, would subject the lawyer to discipline under Model Rule 8.4(b) and (c).

[25] In addition to the awards described at the beginning of this article see, e.g., CFTC, Press Release, CFTC Announces Whistleblower Award of More Than $10 Million (April 4, 2016), available at http://www.cftc.gov/PressRoom/PressReleases/pr7351-16. The SEC typically redacts its whistleblower grant orders, but a law firm that represents whistleblowers revealed on its website an award of $22.5 million dated June 30, 2016. See The Employment Law Group, Rewards Tracker, available at http://sec-whistleblowers.com/rewards-tracker/.

[26] 17 C.F.R. § 165.2(g)(2)-(3).

[27] See generally SEC Dodd-Frank Release, 76 Fed. Reg. at 34,314.

[28] SEC, Implementation of Standards of Professional Conduct for Attorneys, Securities Act Release No. 33-8185, 68 Fed. Reg. 6296 (Feb. 6, 2003) (currently codified at 17 C.F.R. § 205.3(d)(2)). These regulations (known colloquially as the “Part 205 rules”) apply only to lawyers “appearing and practicing” before the SEC in the context of providing legal services to an “issuer” of securities. “Issuer” in this context is broadly defined to include certain affiliates for which the lawyer has provided services on behalf of, or at the behest of or for the benefit of, the issuer, regardless of whether the lawyer is employed or retained by the issuer. Id. § 205.2(h). Likewise, “appearing and practicing” is broadly defined and includes, inter alia, merely advising on U.S. securities laws or regulations in connection with a document that the lawyer has notice will be filed or submitted (or incorporated into a document to be filed or submitted) to the SEC. Id. § 205.2(a).

[29] Public Company Accounting Reform and Investor Protection Act of 2002, Pub. L. No. 107-204, 116 Stat. 745 (2002) (which became colloquially known, after its Senate and House sponsors, Paul Sarbanes and Michael Oxley, as the Sarbanes-Oxley Act).

[30] 17 C.F.R. § 240.21F-4(b)(4)(i), (ii), (iii)(C). Note that the SEC has not (to date) explained what facts or circumstances might give rise to the “otherwise” exclusion.

[31] Referring to both federal and state laws and obligations, this term is defined for purposes of the Part 205 rules as “a material violation of an applicable United States federal or state securities law, a material breach of fiduciary duty arising under United States federal or state law, or a similar material violation of any United States federal or state law.” 17 C.F.R. § 205.3(i).

[32] See supra note 28 (describing broad definition of “issuer” for this purpose).

[33] See generally 17 C.F.R. § 205.3(b).

[34] The circumstances include: (i) To prevent the issuer from committing a material violation that is likely to cause substantial injury to the financial interest or property of the issuer or investors; (ii) To prevent the issuer, in the course of an SEC investigation or administrative proceeding, from committing perjury, proscribed in 18 U.S.C. § 1621; suborning perjury, proscribed in 18 U.S.C. § 1622; or committing any act proscribed in 18 U.S.C. § 1001 that is likely to perpetrate a fraud upon the SEC; or (iii) To rectify the consequences of a material violation by the issuer that caused, or may cause, substantial injury to the financial interest or property of the issuer or investors in the furtherance of which the attorney’s services were used. 17 C.F.R. § 205.3(d)(2)(i)-(iii).

Differences between the SEC’s rule and Model Rule 1.13 are discussed later in the article.

[35] No preemption issue exists with respect to the CFTC, which has no SOX responsibilities and has not incorporated by reference any other regulations purporting to govern attorney conduct.

[36] See supra note 28.

[37] The validity of this assertion is open to question (see infra notes 79-85 and accompanying text), and there has even been a lack of consensus on the issue among former SEC General Counsels.

[38] This article focuses only on situations in which a lawyer is acting as a lawyer and is representing a client involved in the conduct giving rise to the possibility of whistleblowing. Thus, in the case of a business entity, this discussion does not address the conduct of a whistleblower who has a law degree and may well be licensed to practice law in one or more jurisdictions but who is acting as a director, officer, employee, or agent without any attorney-client relationship with the organization.

[39] The client’s informed consent is a basic component of the exceptions in paragraph (b). Whistleblowing under the Dodd-Frank framework, by its nature, precludes seeking the client’s consent. In order not to impair the efficacy of any agency investigation, Dodd-Frank whistleblowing is confidential, and in fact the Commissions are generally required to keep the information confidential. See 7 U.S.C. § 26(h)(2)(A) (CFTC); 15 U.S.C. § 78u-6(h)(2)(A) (SEC). Moreover, the adversary nature of a lawyer blowing the whistle on a client would seem to render the conflict non-consentable per se.

[40] Model Rule 1.7(a)(2).

[41] Letter from Stephen N. Zack, President, Am. Bar Ass’n, to Hon. Mary L. Schapiro, Chair, Securities and Exchange Commission, at 3 (May 11, 2011).

[42] See, e.g., ABA Formal Ethics Op. 432 (2004) (advancing bail on behalf of accused client may pose a conflict if amount of bail is “material” to the lawyer); ABA Formal Ethics Op. 427 (2002) (discussing the propriety of a lawyer taking a security interest in property of the client to guarantee payment of legal fees).

[43] Cf. United States v. Quest Diagnostics Inc., 734 F.3d 154 (2d Cir. 2013) (lawyer violated applicable New York professional conduct rules by filing qui tam action against former employer with respect to matters substantially related to prior representation of employer).

[44] 283 F.3d 76 (2d Cir. 2002).

[45] The court explained the potential conflict as the disincentive, created by the lawyer’s simultaneous representation of the PBA, to seek to obtain acquittal for the police officer client by endeavoring to place the blame entirely on the other police officer. Id. at 94-95.

[46] Id. at 96 (quoting United States v. Fulton, 5 F.3d 605, 613 (2d Cir. 1993)).

[47] N.Y. Cnty. Lawyers’ Ass’n., Comm. on Professional Ethics, Ethical Conflicts Caused by Lawyers as Whistleblowers under the Dodd-Frank Wall Street Reform Act of 2011, Formal Op. 746 (Oct. 7, 2013) [hereinafter referred to as “NYCLA Op. 746”].

[48] Id. at 10-11.

[49] Id. at 11.

[50] A recent ethics opinion of the New York State Bar Association concluded that neither a lawyer nor his firm may represent a client in litigation funded by a litigation financing company in which the lawyer is an equity holder. Among several ethical concerns, the opinion identified New York’s version of Rule 1.7(a)(2). The opinion found that the lawyer’s personal and financial interest in the financing company could create a significant risk that the lawyer’s professional judgment could be adversely affected by the lawyer’s own interests. “For instance, the Company may have an interest in expediting (or prolonging) the litigation to enhance the value of the Company’s investment but which may not equate with the client’s interests in going to trial (or reaching an early settlement). A continuing duty exists to protect the client from this risk.” N.Y. State Bar Ass’n Comm. on Prof’l Ethics, Op. 1145 ¶ 12 (March 7, 2018). The opinion noted, however, that this conflict could “be adequately disclosed and waived under Rule 1.7(b) if the other requirements of Rule 1.7(b) are fulfilled.” Id.

[51] NYCLA Op. 746, at 11-12 (citing Schwarz).

[52] See 17 C.F.R. § 165.2(g)(7)(i)-(ii) (CFTC), 17 C.F.R. § 240.21F-4(b)(4)(v)(A)-(B) (SEC).

[53] See 17 C.F.R. § 165.2(g)(7)(iii) (CFTC), 240.21F-4(b)(4)(v)(C) (SEC).

[54] Actually, the coverage of Model Rule 1.9 is a little broader. Whereas Rule 1.8(b) only covers a client represented by the lawyer, Rule 1.9(c)(1) applies to a client formerly represented by either the lawyer or by his or her present or former law firm.

[55] See Fremont Reorganizing Corp. v. Faigin, 198 Cal. App. 4th 1153 (2011) (former in-house counsel who told insurance authorities about former employer’s allegedly illegal conduct could be liable for breach of fiduciary duty and duty of confidentiality).

[56] Restatement (Third) of the Law Governing Lawyers § 60(2).

[57] Id. cmt. j.

[58] Id.

[59] Model Rule 1.6 cmt. [3].

[60] Hatton v. Robinson, 31 Mass. (14 Pick.) 416, 422 (1833).

[61] ABA Formal Op. 368 (1992).

[62] Model Rule 1.6 cmt. [2].

[63] Model Rule 1.6(b).

[64] Model Rule 1.6(b)(2).

[65] Model Rule 1.6(b)(3).

[66] Model Rule 1.13(c). In contrast to Model Rule 1.6(b)(3), Model Rule 1.13 does not, by its terms, authorize disclosure to prevent, mitigate, or rectify substantial injury to the property of another.

[67] Model Rule 1.13(d).

[68] See, e.g., 17 C.F.R. § 240.21F-4(b)(4).

[69] See 17 C.F.R. § 165.2(o) (CFTC); 17 C.F.R. § 240.21F-4(a) (SEC).

[70] See supra note 22 and accompanying text.

[71] 17 C.F.R. § 165.2(g)(2)-(3).

[72] See generally SEC Dodd-Frank Release, 76 Fed. Reg. at 34,314.

[73] SEC, Implementation of Standards of Professional Conduct for Attorneys, Securities Act Release No. 33-8185, 68 Fed. Reg. 6296 (Feb. 6, 2003) (currently codified at 17 C.F.R. § 205.3(d)(2)).

[74] 17 C.F.R. § 240.21F-4(b)(4)(i), (ii), (iii)(C). Note that the SEC has not (to date) explained what facts or circumstances might give rise to the “otherwise” exclusion.

[75] See id. § 205.2(e) (defining “evidence of a material violation”). This definition of “evidence of a material violation” is a notorious double-negative standard: “credible evidence, based upon which it would be unreasonable, under the circumstances, for a prudent and competent attorney not to conclude that it is reasonably likely that a material violation has occurred, is ongoing, or is about to occur.” Cf. Keith R. Fisher, The Higher Calling: Regulation of Lawyers Post-Enron, 37 U. Mich. J. L. Reform 1017, 1104 (2004) (suggesting that this standard comes “perilously close to ‘knew or should have known’ standard of proof – in other words, scienter”). As noted above, the term “material violation” is itself defined as a “material violation of an applicable United States federal or state securities law, a material breach of fiduciary duty arising under United States federal or state law, or a similar material violation of any United States federal or state law.” 17 C.F.R. § 205.2(i).

[76] Id. § 205.3(b)(1), (c)(1). The duplication in two separate paragraphs refers to two situations: one for issuers that have not established a Qualified Legal Compliance Committee and the other for issuers that have. If the reporting attorney is a subordinate attorney, however, he may content himself with reporting to his supervisor and need take no further action. Id. § 205.5(c). This is actually somewhat less onerous than a subordinate lawyer’s obligations under Model Rule 5.2(b), compliance with which requires that the supervisory lawyer’s resolution of an “arguable” question of professional duty be “reasonable” and that the subordinate act in accordance with that resolution.

[77] Id. § 205.3(b)(3).

[78] Cf. Model Rule 1.0(f) (defining knowledge-related terms).

[79] See Letter from Giovanni P. Prezioso, General Counsel, SEC, to J. Richard Manning, President, Wash. State Bar Ass’n (July 3, 2003).

[80] No preemption issue exists with respect to the CFTC, which has no SOX responsibilities or other regulations purporting to govern attorney conduct.

[81] See 17 C.F.R. § 205.1 (“These standards supplement applicable standards of any jurisdiction where an attorney is admitted or practices and are not intended to limit the ability of any jurisdiction to impose additional obligations on an attorney not inconsistent with the application of this part. Where the standards of a state or other United States jurisdiction where an attorney is admitted or practices conflict with this part, this part shall govern”).

[82] See Ethics 2003 Committee of Wash. State Bar Ass’n. Internal Formal Ethics Opinion 2003, available at http://www.wsba.org/lawyers/groups/ethics2003/formalopinion.doc (opining that lawyers admitted in the State of Washington may not ethically reveal client confidences and secrets unless authorized to do so under Washington’s rules of professional conduct, regardless of the permissive disclosure provisions of the Part 205 Rules).

[83] See, e.g., State Bar of California, Ethics Alert, The New SEC Attorney Conduct Rules v. California’s Duty of Confidentiality (Spring 2004); Corporations Comm. of the Business Law Section of the California State Bar, Conflicting Currents: The Obligation to Maintain Inviolate Client Confidences and the New SEC Attorney Conduct Rules, 32 Pepp. L. Rev. 89 (2004) (arguing that the SEC’s preemption assertion exceeds its authority).

[84] But cf. Roger Cramton, George Cohen & Susan Koniak, Legal and Ethical Duties of Lawyers After Sarbanes-Oxley, 49 Vill. L. Rev. 725 (2004) (supporting an argument for implied preemption).

[85] Also worth noting, even en passant, are (1) that in SOX Congress did not expressly grant the SEC preemptive authority over state regulation of lawyers, and (2) that similar attempts by another federal administrative agency to invoke regulatory authority over lawyers in other regulatory contexts – the privacy provisions of the Gramm-Leach-Bliley Act of 1999 and the Fair and Accurate Credit Transactions Act of 2003 – were resoundingly rejected when challenged by the bar. See New York State Bar Ass’n v. FTC, 276 F. Supp.2d 110 (D.D.C. 2003) (holding that the FTC exceeded its authority in extending the statutory term of art “financial institution” to lawyers), aff’d sub nom. American Bar Ass’n v. FTC, 430 F.3d 457 (D.C. Cir. 2005); American Bar Ass’n v. FTC, 671 F. Supp.2d 64 (D.D.C. 2009) (holding that nothing in the FACT Act contained an “unmistakably clear” grant of authority that would permit FTC intervention into regulating the practice of law), vacated as moot, 636 F.3d 641 (D.C. Cir. 2011) (concluding that intervening legislation clarifying that lawyers were not subject to the FTC rule had mooted the controversy).

[86] E.g., Dodd-Frank § 767 (preempting State gaming and bucket-shop laws), § 1041(a) (preempting state consumer protection laws to the extent, and only to the extent, they are inconsistent with federal consumer protection laws under Dodd-Frank Title X), and § 1044 (prescribing state law preemption standards for national banks and their subsidiaries).

[87] Likewise Dodd-Frank § 748, amending the CEA, evinces no preemptive intent.

[88] Examples include Model Rules 4.1 and 1.6(b)(2)-(3), and 1.13(c).

On June 28, 2021, while both congressional bodies continue to introduce and consider numerous legislative proposals to “reform” and amend the existing legal analytical framework, the U.S. District Court for the District of Columbia dismissed two high-profile antitrust cases simultaneously brought by the Federal Trade Commission (FTC) and 46 states. Both cases alleged that Facebook illegally maintained a monopoly in the social networking space through its acquisition of nascent competitors, including WhatsApp and Instagram, as well as by placing restrictions on developers that access Facebook’s networks.

The key difference between the decisions is that the court granted the FTC leave to amend its complaint to better address Facebook’s alleged monopolization. Therefore, while the states’ case is finished (unless they file an appeal), the FTC retains a number of options, including trying to bolster its monopolization claim or pursuing the case through the FTC’s administrative proceedings.

Members of both political parties and from both congressional chambers condemned the decisions:

The FTC should pursue this case, but we shouldn’t count on regulators and the courts alone to save us. Keeping our markets competitive, open and fair? It will require the Congress to act.

— Amy Klobuchar (@amyklobuchar) June 29, 2021[1]

Facebook is clearly a monopoly. The district court ruling shows the need for Congress to reform the antitrust laws. Our bipartisan bills give additional resources to law enforcement agencies and brings greater scrutiny to mergers. We have to act now.

— Rep. Ken Buck (@RepKenBuck) June 29, 2021[2]

Discussion of the Decisions

The FTC and 46 states separately sued Facebook in December 2020, alleging that Facebook violated Section 2 of the Sherman Act[3] through its alleged “buy or bury” strategy of acquiring Instagram (2012) and WhatsApp (2014) and by adopting policies that prevented app developers that Facebook viewed as potential competitive threats from accessing Facebook’s platform interfaces (API Policies). The states also sought relief under Section 7 of the Clayton Act[4], which prevents acquisitions that tend to substantially lessen competition.

District Court Judge James Boasberg dismissed each case on different grounds.

The FTC Case. Judge Boasberg dismissed the FTC’s monopolization claim for a failure to plausibly allege facts that Facebook has monopoly power.[5] The FTC defined the relevant product market served by Facebook as one for “Personal Social Networking Services,” which the FTC described as “online services that enable and are used by people to maintain personal relationships and share experiences with friends, family, and other personal connections in a shared social space.”[6] The FTC alleged that Facebook held a market share “in excess of 60%,” and there were no substitutes for Facebook. The decision criticized the FTC for failing to offer any measure or metrics for this analysis and failing to name even a single Facebook competitor. The court therefore observed that “[i]t is almost as if the [FTC] expects the Court to simply nod to the conventional wisdom that Facebook is a monopolist. After all, no one who hears the title of the 2010 film ‘The Social Network’ wonders which company it is about.”[7]

The court also expressed concern with the FTC’s claims regarding Facebook’s API Policies, cautioning the FTC that generally antitrust law does not impose a duty to deal on monopolists.[8] Although the court made plain that the FTC “to be sure, has alleged several specific refusals to deal that in fact may meet [antitrust law’s] requirements” for pleading a claim, the court explained that injunctive relief is not available under Section 13(b) of the FTC Act[9] because the FTC does not allege ongoing or imminent anticompetitive conduct.[10]

The States’ Case. The states similarly premised their claims on Facebook’s alleged monopoly, but Judge Boasberg found additional grounds for dismissal with prejudice under the doctrine of laches, which does not apply to the U.S. government. More specifically, the court found that laches precluded the states’ claims because it viewed the Clayton Act’s four-year statute of limitations as “the starting presumption” for when an aggrieved plaintiff may file a complaint.[11] The court then pointed to the states having waited six and eight years, respectively, to claim that the WhatsApp and Instagram acquisitions violated antitrust laws and found “no case … in which a plaintiff other than the United States (against which laches does not apply), whether a state or a private party, was awarded equitable relief after such long post-acquisition delays in filing suit.”[12]

The court explained that laches was particularly appropriate because (1) the Instagram and WhatsApp acquisitions were widely publicized at the time; (2) it was well-understood at the time that Facebook was “the dominant player” in online social networking; (3) the FTC’s extra scrutiny of the Instagram transaction was publicized; (4) analysts had expressly commented that Facebook was acquiring WhatsApp to “eliminate[e] a potential competitor poised to mount a major challenge to Facebook’s monopoly;” and (5) significant prejudice to Facebook was apparent, given that the states sought a divestiture of longtime core Facebook assets.[13]

The attorneys general are appealing the decision.

Two Key Takeaways

1. Laches Applies to Everyone Besides the US Government

   The court found that the United States — not the states — is the proper enforcer of the federal antitrust laws, as Congress, when passing the Clayton Act, had not articulated a special role for the states in enforcing those laws, making them akin to private plaintiffs against which equitable defenses applied.[14] Indeed, even prior to the Facebook decision, the states had tacitly admitted this, as the National Association of Attorney Generals recently urged Congress to expand the states’ role as antitrust enforcers.[15] By contrast, at no point did the court question the ability of the FTC to complain about Facebook’s acquisitions of competitors that occurred well before the Clayton Act’s four-year statute of limitations. Timing may eventually impact the FTC if it repleads its refusal to deal claim or asserts other claims based on non-acquisition conduct that is not more recent or ongoing in nature.

2. The FTC’s Next Move May Implicate Chair Khan’s New Playbook

   The court criticized the FTC for making a conclusory claim of Facebook’s 60% “market share,” but also noted that it “believes that the agency may be able to ‘cure [the] deficiencies’ by repleading.” To strengthen its market power allegations, the FTC would likely need to include additional information regarding the basis of its market share calculation, allegations regarding whether Facebook’s market share remained constant or how it otherwise shifted since 2011 (the period that the FTC itself references), the identity of at least some of the other firms that account for the remaining 30-40% of the market, and proof that people value Facebook more than its social media substitutes and connect the popularity of Facebook’s social media services to the advertising dollars that popularity helps generate.

   The decision may also lead the FTC to pivot under new Chair Lina Khan. Although the FTC filed the case in federal court and has advised the court that it would file an amended complaint, it also could have chosen to bring an action through its in-house administrative process, where FTC commissioners themselves would review an order from the FTC’s administrative law judge and render a decision that can be appealed to federal courts. Such a strategic decision could dovetail with the FTC’s withdrawal of its 2015 guidance on standalone use of Section 5 of the FTC Act, which prohibits “unfair methods of competition” — a broader standard than antitrust claims under Sections 1 and 2 of the Sherman Act and Section 7 of the Clayton Act.

[1] See https://t.co/P4fUeYeDMM.

[2] See https://t.co/5aO4RfuZGi.

[3] 15 U.S.C. §§ 1-7.

[4] 15 U.S.C. §§ 12-27.

[5] FTC Op. at 30-31.

[6] Id. at 21-22.

[7] Id. at 31.

[8] Id. at 39-41. Specifically, the court noted that “to be actionable, such a scheme must involve specific instances in which that policy was enforced (i) against a rival with which the monopolist had a previous course of dealing; (ii) while the monopolist kept dealing with others in the market; (iii) at a short-term profit loss, with no conceivable rationale other than driving a competitor out of business in the long run.”

[9] 15 U.S.C. § 45.

[10] FTC Op. at 42-44.

[11] States Op. at 41.

[12] Id. at 44.

[13] Id. at 44-45.

[14] Id. at 48-49.

[15] See www.stateagreport.com/news/full-slate-of-state-attorneys-general-urges-congress-to-strengthen-state-antitrust-enforcement-abilities/#page=1.

In the wake of the Colonial Pipeline hack, President Biden released a long-anticipated Executive Order (EO) intended to strengthen U.S. cybersecurity infrastructure. [1] [2]  The EO highlights the government’s interest in public-private partnerships in the realm of cybersecurity by triggering a rulemaking process that will impose cybersecurity standards on private companies that contract with the federal government in the areas of information technology (IT) and operational technology (OT).  The EO is only one of many steps the new administration is taking to improve cybersecurity.  In line with the government’s vision, the Department of Energy also released a 100-day cybersecurity pilot program,[3] and the Federal Energy Regulatory Commission took steps to establish incentive-based programs for cybersecurity investments.[4]

Dan Sutherland, Chief Counsel for the Cybersecurity & Infrastructure Security Agency (CISA), and Jen Daskal, Deputy General Counsel at the Department of Homeland Security (DHS), spoke at an Infragard webinar on May 19, 2021 about the new Executive Order (EO).[5] 

Before delving into the EO, the speakers gave a brief introduction to the roles of DHS and CISA.  DHS takes a “whole of government” approach to cybersecurity, and deals with cybersecurity issues through the United States Secret Service and Immigration and Customs Enforcement (ICE), which focuses on prosecuting cyber-enabled crime.  It also works through the Transportation Security Administration (TSA) and Coast Guard, which focus on cybersecurity in surface transportation. CISA, on the other hand, is an independent federal agency under DHS oversight.  It focuses specifically on the United States’ cybersecurity and communications infrastructure.  Acting more as a risk advisor and research arm, rather than enforcer, CISA aims to keep the nation’s critical infrastructure secure, robust, and capable of defending itself against cyber-attacks.

Both speakers briefly discussed three pieces of legislation that give CISA more authority to perform their work:

1. The National Defense Authorization Act (NDAA), which is a product of the Cyberspace Solarium Commission, provides 11 substantive new authorities for CISA, including: the ability to issue administrative subpoenas, the authority to do more to protect federal networks, and the wherewithal to provide capabilities and tools to other federal agencies without reimbursement. However, CISA’s subpoena authority is very limited.  It mainly involves the power to collect public-facing IP information from internet service providers (ISPs) when the information is not otherwise available.  Under this authority, ISPs must provide identifying information attached to IP addresses.  CISA, of course, claims to have no interest in overstepping privacy rights or civil liberties. 
2. The DotGov Online Trust in Government Act (DotGov Act) was established through the Consolidated Appropriations Act. The DotGov Act gives CISA the authority to issue “.gov” addresses that provide more security.  These are provided to federal agencies at no cost.
3. The last legislation the speakers highlighted was the American Rescue Plan Act of 2021, which gave CISA $650 Million to improve federal network security. CISA will operate a pilot cloud environment featuring heightened security systems.  This could signal a significant new path for CISA to provide services to agencies rather than merely issuing policies and directives. 

Executive Order on Improving the Nation’s Cybersecurity

The Executive Order has been a priority for the Secretary of the DHS, Alejandro Mayorkas.  When he outlined his vision for DHS’s cybersecurity efforts on March 31, 2021, Secretary Mayorkas said, “[m]ake no mistake: a free and secure cyberspace is possible.  We will champion this with words and action.”[6] 

The speakers highlighted the importance of the role the EO plays in the federal government’s commitment to modernize cybersecurity defenses and protect the federal government’s infrastructure.  While executive orders cannot direct the private sector or create new authorities that do not already exist, they can leverage the power of the White House to signal priorities and support the use of existing authorities to implement key priorities. All the EO provisions outlined by the speakers build on the maturation of the cybersecurity mission and are intended to address recent cybersecurity incidents.  

The EO has several innovative aspects. It leverages the procurement power of the federal government to impose reporting requirements and standards for service providers with which the federal government contracts.  This has the potential to have a ripple effect for the private sector; to set standards of care and best practices beyond the provision of services to the federal government. 

The EO also focuses on improving information sharing about potential incidents in the inter-agency process and through procurement power.  It eliminates roadblocks for private entities to share information with government and assists the government in preventing incidents from occurring in the first place.  The federal government observed that IT and OT service providers who contract with the government are hesitant and sometimes unable to share information with CISA and the FBI.  They often claim that their contracts prevent the sharing of information to any agency outside of their contracting partners.  The EO requires CISA to develop standard contractual clauses to be implemented through the federal acquisition regulation process.  IT and OT service providers will thereby be required to collect, preserve, and share data and to collaborate during investigations.  The EO goes beyond information sharing and provides standard formats to assist with investigation and remediation.  Section 2(g)(I) of the EO outlines the types of reporting that should be included in the contracts. 

Additionally, the EO creates a new Cybersecurity Safety Review Board, which will analyze broader, nationally significant cyber incidents affecting federal civilian information systems or non-federal systems, and make concrete recommendations for improving cybersecurity.  CISA is actively working to develop this Board.

The EO provides authorities to conduct threat-hunting authorities, ensuring that there is government-wide buy-in on CISA’s ability to use these authorities effectively.  It also includes desired improvements in cloud security and in the development of software used in the supply chain.

Recent cyber security incidents have revealed a lack of visibility into the cloud environment.  To address this, the EO requires CISA to develop a set of security principles that govern the cloud environment for federal agencies. The EO also requires the Secretary of Commerce, in coordination with National Institute of Standards and Technology (NIST), to publish minimum elements of the bill of materials and a definition of “critical software.”  The Secretary of Commerce is also responsible for recommending minimum standards for testing of third-party software source code by the third-party licensors. 

In addition, CISA can help federal agencies by providing a federal incident-response playbook and improving methods for detecting vulnerabilities.  Because currently CISA sees internet traffic only at the perimeter but not at the object (computer) level, the EO requires organizations to give CISA access to monitor object-level data and provide endpoint detection capabilities, allowing CISA a greater ability to look for malicious code and vulnerabilities.

When asked whether the EO sufficiently protects critical infrastructure, Dan Sutherland stated that CISA was taking substantial new steps to address recent issues.  Regarding possible metrics of success, he said that these metrics may include measurements of efforts and results and, since the EO has many short, aggressive deadlines, people should expect to see results such as patching happening quickly.

The final point the speakers addressed was on inter-agency sharing of information.  Under the Federal Information System Moderation Act (FSMA), every agency is responsible for its own security, while CISA provides only guidance and policies.  After the data breach at the federal Office of Personnel Management,[7] there was more cooperation and collaboration in the federal civilian executive branch.  The EO is further prompting federal agencies to work collaboratively.  In that regard, the EO calls for procedures for the Secretary of DHS and the Department of Defense to share all directives applying to their respective information networks. To take this a step further, the speakers recommended the cultivation of greater information sharing between the federal system and the private industry.

Our next article will focus on steps the private sector should be taking in light of new standards under the EO.

Read the second article in this two-part series, published in September 2021: https://businesslawtoday.org/2021/09/private-sector-actions-in-light-of-the-cybersecurity-executive-order/

[1]           Maame Nyakoa Boateng, a third-year student at Penn State Dickinson Law, contributed to this article.

[2]           Available at: https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/.

[3]           Department of Energy, “Biden Administration Takes Bold Action to Protect Electricity Operations from Increasing Cyber Threats,” April 20, 2021, https://www.energy.gov/articles/biden-administration-takes-bold-action-protect-electricity-operations-increasing-cyber-0 (last checked July 16, 2021). 

[4]           Cybersecurity Incentives, Federal Energy Regulatory Commission, Department of Energy, Notice of Proposed Rulemaking, https://www.federalregister.gov/documents/2021/02/05/2021-01986/cybersecurity-incentives (last checked July 16, 2021).

[5]           For those who missed the webinar, it can be viewed at https://www.americanbar.org/groups/cybersecurity/. 

[6]           Secretary Mayorkas Outlines His Vision for Cybersecurity Resilience, March 31, 2021, https://www.dhs.gov/news/2021/03/31/secretary-mayorkas-outlines-his-vision-cybersecurity-resilience (last checked July 16, 2021).

[7]           See https://www.opm.gov/cybersecurity/cybersecurity-incidents/.

On July 7, 2021, Colorado Governor Jared Polis signed into law the Colorado Privacy Act (CPA). By enacting the CPA, Colorado becomes the third state in the nation to implement a generally applicable consumer data privacy law, after California with the California Consumer Privacy Act (CCPA) and Virginia with the Virginia Consumer Data Protection Act (VCDPA). While the CPA is similar to the CCPA and VCDPA in many respects, it has a different scope and different obligations than those two laws. Accordingly, impacted businesses must conduct a separate scope analysis, and, if subject to the CPA, they will need to set up different business rules to comply with the law.

The CPA applies to person(s) that conduct business in Colorado or that produce products or services that are intentionally targeted to Colorado residents and that either (1) control or process personal data of at least 100,000 Colorado residents during a calendar year, or (2) derive revenue or receive a discount on the price of goods or services from the sale of personal data and process or control the personal data of at least 25,000 Colorado residents. The CPA applies to information that is linked or reasonably linkable to an identified or identifiable person acting in an individual or household context. The law also provides special protections for sensitive data, which includes personal data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life or orientation, citizenship or citizenship status, and personal data from a known child.

However, the CPA does not apply to, among other things:

• financial institutions or data subject to the federal Gramm-Leach-Bliley Act;
• certain activities regulated by the Fair Credit Reporting Act;
• information on persons acting in a commercial or employment context;
• deidentified data or, in some contexts, pseudonymous data; or
• publicly available information.

Consumer Rights

The CPA provides consumers with a number of rights related to their personal data, several of which are similar to rights available under the CCPA and VCDPA. Under the CPA, consumers have the right to:

• confirm whether or not a controller (the person that determines the purpose and means of processing personal data) is processing personal data;
• access their personal data;
• correct inaccuracies in their personal data, taking into account the nature of the personal data and the purposes for processing the personal data;
• delete personal data concerning them;
• obtain a portable copy of personal data that they access from the controller;
• opt out of the processing of personal data for (1) targeted advertising, (2) the sale of personal data, or (3) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer; and
• appeal a refusal to take action on a request to exercise a right under the CPA.

The CPA also requires controllers to adopt and offer, by July 1, 2024, a universal opt-out mechanism to allow consumers to opt out of the sale of personal data and opt out of the processing of personal data for purposes of targeted advertising under technical specifications to be established by the Colorado attorney general.

Controller Obligations

The CPA imposes different obligations depending on whether the business is a controller or a processor (the entity processing personal data on behalf of the controller). Therefore, a business will need to analyze whether it is acting as a controller or a processor when engaging in any personal data processing.

Under the CPA, controllers must, among other things:

• provide a Privacy Notice containing specific disclosures, including the categories of personal data collected, processed, and shared, the purposes for which personal data are collected and processed, the categories of third parties with whom the controller shares personal data, and, if selling personal data or processing personal data for targeted advertising, a clear and conspicuous disclosure of the sale or processing and how a consumer can opt out;
• limit processing personal data to what is adequate, relevant, necessary, reasonable, and proportionate in relation to the specified purposes for which such personal data is processed;
• not process personal data for purposes that are not reasonably necessary or compatible with specified purposes, unless the controller obtains consumer consent;
• take reasonable measures to secure personal data during both storage and use from unauthorized acquisition;
• not process personal data in violation of discrimination laws; and
• not process sensitive data without consent.

The CPA also requires controllers to conduct and document data protection assessments when conducting data processing that presents a heightened risk of harm to a consumer. Processing that presents a heightened risk of harm to a consumer includes engaging in the following activities:

• the processing of personal data for purposes of targeted advertising;
• the sale of personal data;
• the processing of personal data for purposes of profiling, where such profiling presents a reasonably foreseeable risk of certain types of harm to consumers; and
• the processing of sensitive data.

Processor Obligations

A processor must follow a controller’s instructions and must assist the controller in:

• responding to consumer rights;
• meeting data security and breach notification obligations; and
• providing information to enable the controller to conduct and document data protection assessments.

There are also requirements for contracts between controllers and processors as well as requirements for engaging subcontractors.

Enforcement

The Colorado attorney general and district attorneys have exclusive authority to enforce the CPA. The attorney general and DAs may seek civil penalties of up to $20,000 for each violation of the CPA, in addition to injunctive relief. The CPA provides for a 60-day right to cure.

The CPA does not provide for a private right of action.

Effective Date

The CPA will become effective on July 1, 2023.

Do you know what an ombudsman does? Did you know that the Board of Governors of the Federal Reserve System (“Board”) has an Ombudsman Office that serves individuals and financial institutions affected by the Federal Reserve System’s (the “Federal Reserve”) regulatory and supervisory activities? This article provides an overview of the Board’s Ombudsman Office and explains recent amendments to the Federal Reserve’s procedures for an institution to appeal a rating or other supervisory action (material supervisory determination (“MSD”) appeals process).[1]

What Is an Ombudsman?

The term “ombudsman” is Swedish in origin (literally translated, it means “representative”), and an ombudsman’s function is to assist “individuals and groups in the resolution of conflicts and concerns.”^[2] The ombudsman profession dates back to 1713, when King Charles XII of Sweden appointed an ombudsman to help promote good governance and conflict mitigation.^[3] The use of ombudsmen has continued to evolve, spreading throughout the public, private, and academic sectors around the world.^[4] Examples of organizations and businesses that employ ombudsmen include the United Nations, the International Monetary Fund, the American Red Cross, the Inter-American Development Bank, the United States Olympic Committee, American Express Company, The Coca-Cola Company, Mars Inc., and United Technologies Corporation.

This article presents an outline of the office’s methods and purpose from the perspective of the Federal Reserve’s Ombudsman Office employees, past and present.

The Federal Reserve System’s Ombudsman Office

Establishment of the Ombudsman Office

The Board established the position of Ombudsman in 1995, as required by the Riegle Act.[5] Other financial regulators, including the Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union Administration, and Office of the Comptroller of the Currency, also have ombudsmen. The Riegle Act directed each federal banking agency to appoint an ombudsman to:

(A)  act as a liaison between the agency and any party with any problem the party may have in dealing with the agency as a result of its regulatory activities; and

(B)  ensure that safeguards exist to encourage complainants to come forward and preserve confidentiality.^[6]

What We Do and How We Do It

The Board’s Ombudsman Office is guided by four core principles: independence, informality, fairness, and confidentiality. We operate outside of the Federal Reserve’s supervisory and regulatory processes and are therefore independent. The Ombudsman Office is located in the Board’s Office of the Secretary, and Ombudsman staff do not report to the Board’s supervisory divisions.

The Ombudsman Office has three major functions. Primarily, we are available to facilitate the fair and timely resolution of complaints related to the Federal Reserve’s supervisory and regulatory activities. In performing this function, we most commonly hear from representatives of state member banks (for which the Federal Reserve is the primary federal regulator) about a specific supervisory determination. For example, financial institutions have contacted our office about supervisory component and composite ratings; findings in safety and soundness examinations and consumer compliance exams; timing, process, or other concerns relating to exams; and the review and approval of pending applications. To help resolve such matters, we work collaboratively with representatives of the supervised institution and with senior staff at the Board or Reserve Bank, as appropriate. In short, we do our best to facilitate productive communication and to keep the resolution process on track.   

Depending on the severity of the problem, the Board’s general practice is to attempt to resolve problems informally, when appropriate. In keeping with this policy, our office typically assists individuals or financial institutions before a formal process is initiated, often obviating the need to use a formal process. Moreover, our office can continue to assist an individual or institution in resolving a dispute even if it has escalated to a formal process. We have informally assisted financial institutions during the pendency of an MSD appeal to provide information and to help address, for example, communication or delay issues. 

We also serve as an intake point for whistleblower complaints against supervised institutions or institution-affiliated parties. We generally gather information from the complainant and share the information with appropriate Board or Reserve Bank staff. However, if an individual wants to remain anonymous outside of discussions with the Ombudsman Office, we will not share any identifying information.

The second major function of our office is to investigate any claim that Federal Reserve staff has retaliated against a supervised institution. The Board has a strict policy prohibiting retaliation. The Ombudsman Office defines retaliation as any action or decision by Board or Reserve Bank staff that causes a supervised institution to be treated differently (e.g. more harshly) than other similarly situated institutions because the institution has attempted to resolve a complaint by filing an MSD appeal or has utilized any other Board mechanism for resolving a complaint.^[7] Because of the ongoing relationships between financial institutions and the Board, we recognize how difficult it can be for an institution to raise retaliation claims, and we ensure that all such claims are fully investigated. During this process, our office collects and reviews relevant documents, interviews witnesses, and consults with Board or Reserve Bank subject matter experts.^[8] Throughout the course of our investigation, we also attempt to resolve retaliation claims informally, such as through discussions with the complaining institution and relevant Board or Reserve Bank staff.^[9] At the conclusion of an investigation, our office determines if retaliation occurred and reports its factual findings and determination to the appropriate Federal Reserve internal resources.^[10] We may also recommend to the appropriate division director that personnel involved in the claimed retaliation be excluded from the next examination of the institution or review that may lead to an MSD. However, the division director will make the final decision regarding any exclusions of Federal Reserve personnel from future examinations. 

Our third function is to provide feedback on patterns of issues.[11] This function includes reporting to Board members and senior staff on issues that are likely to have a significant impact on the Federal Reserve’s missions, activities, or reputation that arise from the Ombudsman’s review of complaints, such as patterns of issues that occur across multiple complaints. This information includes aggregate data, and may also include particular issues raised by institutions. To maintain confidentiality, we do not share any identifying information about an institution in these reports, unless expressly authorized to do so by the institution. This reporting function enables us to share directly with Board members and senior staff our perspective based on the concerns of individuals and financial institutions affected by the Federal Reserve’s supervisory or regulatory activities.

Due to the nature of the Ombudsman Office’s functions, we have established safeguards to protect the identity of the individuals and financial institutions that contact our office. We also protect the confidentiality of the information they share, upon request. Our email address and telephone line are not accessible to anyone other than Ombudsman Office staff. We share identifying and other information with Federal Reserve staff only if the individual or financial institution has explicitly authorized us to do so (except if disclosure is required by law, in the event of imminent risk of serious harm, or in the case of fraud, waste, or abuse). 

In sum, our office serves in most instances as an informal resource, and we advocate for a fair and timely resolution of disputes or concerns. An institution’s participation in a resolution process with the Ombudsman is voluntary.  If a financial institution or individual no longer wants to pursue resolution through our office, it is free to terminate the process at any time.

The MSD Appeals Process

The Riegle Act also directed the federal banking agencies to establish an “independent intra-agency appellate process” for the review of “material supervisory determination[s]” and to ensure that “appropriate safeguards exist for protecting the appellant from retaliation by agency examiners.”^[12] In response, the Board established an MSD appeals process in March 1995. Last year, the Board adopted an amended MSD appeals process, drawing on experience with and feedback on the original policy.[13] The purpose of the revised process is to improve and expedite the appeals process. Highlights of the amendments, which became effective on April 1, 2020, are summarized below. 

The original process defined an MSD to include determinations related to examinations or inspection composite ratings, the adequacy of loan loss reserves, and significant loan classifications.  The revised process clarifies that Matters Requiring Attention (MRAs) and Matters Requiring Immediate Attention (MRIAs) constitute appealable MSDs. Specifically, the revised process states that an MSD includes, but is not limited to, “any material determination relating to examination or inspection composite ratings, material examination or inspection component ratings, the adequacy of loan loss reserves and/or capital, significant loan classification, accounting interpretation, Matters Requiring Attention (MRAs), Matters Requiring Immediate Attention (MRIAs), Community Reinvestment Act ratings (including component ratings), and consumer compliance ratings.” The revised process clarifies that it excludes any referral of a matter to another government agency from an appealable MSD. Finally, the revised process continues to exclude any supervisory determination for which an independent right of appeal exists.

The original appeals process consisted of three levels—an initial review panel, an appeal to the president of the Reserve Bank that issued the MSD, and an appeal to the appropriate Governor at the Board. The revised process only includes two levels—an initial review panel and a final review panel—both of which have three members. Under the revised process, all appeals are filed with the Ombudsman Office. Generally, the initial review panel consists of three Reserve Bank employees, with the option for a Board employee to be appointed as one of the three members in appropriate circumstances. The final review panel must consist of at least two Board employees, at least one of whom must be an officer of the Board at the level of associate director or higher. Members of the review panels must not have been substantively involved in, or directly or indirectly report to someone else who was involved in, the MSD being appealed.  Additionally, none of the panel members may be employees of the Reserve Bank that made the MSD being appealed.        

Under the revised, streamlined process, an institution must file an initial appeal within 30 calendar days of receipt of the MSD, and the initial review panel will issue a decision within 45 calendar days of the date the appeal is received.[14] An institution must file a final appeal within 14 calendar days of the initial review panel’s decision, and the final review panel will issue a decision within 21 calendar days of the filing of a final appeal.[15]

The revised process also addresses a potential timing conflict between the Prompt Corrective Action (PCA) framework[16] and the original MSD appeals process by expediting the appeals process. If an MSD being appealed relates to or causes an institution to become critically undercapitalized, the appeals process is further expedited. An institution must still file an initial appeal within 30 calendar days of receipt of the MSD, but the initial review panel will issue a decision within 35 calendar days of the date the appeal is received.[17] An institution must file a final appeal within seven calendar days of the initial review panel’s decision, and the final review panel will issue a decision within 10 calendar days of the filing of a final appeal. 

The revised process also defines specific standards of review applicable at each level of the appeal. The initial review panel considers whether the MSD being appealed is consistent with applicable laws, regulations, and policy, and is supported by a preponderance of evidence in the record. The initial review panel will make its own supervisory determination and will not defer to the judgment of the Reserve Bank staff that made the MSD being appealed. The initial review panel may, however, rely on any examination work papers developed by the Reserve Bank or materials submitted by the institution if it determines it is reasonable to do so. The final review panel determines whether the initial review panel’s decision was reasonable.

Finally, the Ombudsman Office may attend, as an observer, meetings or deliberations relating to the appeal, if requested by either the institution or Federal Reserve personnel. Ombudsman staff will also follow up with institutions that have filed an MSD appeal to inquire whether retaliation has occurred. As in the prior policy, the Ombudsman Office is the authorized recipient of all retaliation claims made by supervised institutions involving the Federal Reserve.

Conclusion

As explained above, the three main functions of the Ombudsman Office are: (1) to facilitate the fair and timely resolution of complaints related to the Federal Reserve’s supervisory and regulatory activities; (2) to investigate any claim that Federal Reserve staff has retaliated against a supervised institution; and (3) to provide feedback on patterns of issues. The Board’s Ombudsman Office staff is here to assist you, and we are dedicated to helping the Federal Reserve and its constituents resolve issues efficiently and effectively. If you have any questions, please contact us via email at [email protected] or by calling 1-800-337-0429.

[1] The authors of this article would like to acknowledge the valuable contributions of former staff members of the Ombudsman Office who contributed to the development of this article.

[2] The International Ombudsman Association, https://www.ombudsassociation.org/what-is-an-organizational-ombuds.

[3] C. McKenna Lang, A Western King and an Ancient Notion: Reflections on the Origins of Ombudsing, Journal of Conflictology, Vol. 2, Issue 2 (2011).

[4] Id.

[5] Riegle Community Development and Regulatory Improvement Act of 1994, 12 USC §§ 4701 et seq.

[6] 12 U.S.C. § 4806(d)(2). In addition, when Congress created the Consumer Financial Protection Bureau in 2010, it directed that the Consumer Financial Protection Bureau appoint an ombudsman to carry out these roles. 12 U.S.C. § 5493(a)(5).

[7] “Internal Appeals Process for Material Supervisory Determinations and Policy Statement regarding the Ombudsman for the Federal Reserve System,” 85 Fed. Reg. 15175, 15182 (March 17, 2020).

[8] Id. at 15181.

[9] Id.

[10] Id.

[11] Id.

[12] 12 U.S.C. § 4806(a),(b)(2).

[13] “Internal Appeals Process for Material Supervisory Determinations and Policy Statement regarding the Ombudsman for the Federal Reserve System,” 85 Fed. Reg. 15175 (March 17, 2020).

[14] The initial review panel may extend the period for issuing a decision by up to 30 calendar days if the panel determines that the record is incomplete, and that additional fact-finding is necessary for the panel to issue a decision.

[15] The final review panel may extend the period for issuing a decision by up to 30 calendar days if the panel determines an extension is appropriate.

[16] For an overview of the PCA framework, please refer to section 4133.1 of the Board’s Commercial Bank Examination Manual, https://www.federalreserve.gov/publications/files/cbem-4000-202004.pdf.

[17] This period may be extended by up to an additional seven calendar days if the initial review panel decides that such time is required to supplement the record and consider additional information received.

May 26, 2021 was a landmark day for Big Oil. Its inner sanctums were put on notice by stakeholders that the companies must take meaningful steps now to address climate change. 61% of Chevron Corporation (“Chevron”) shareholders voted to approve a resolution seeking Chevron’s reduction of Scope 3 greenhouse gas (“GHG”) emissions.[1] Three directors, who were nominated by a small hedge fund to make Exxon more accountable for all of its carbon emissions, were elected to Exxon Mobil’s Board of Directors at Exxon’s annual meeting.[2] A Dutch trial court ordered Royal Dutch Shell to cut its GHG emissions by 45% by the year 2030.[3] While these events are unprecedented for Big Oil, how they came about and their actual impact are worth a closer look. Perhaps what’s most noteworthy is the prospect that years of shareholder activism may suddenly be yielding dividends.

I. Chevron and Its Shareholders

At Chevron’s annual meeting on May 26^th, shareholders approved the following resolution:

“RESOLVED: Shareholders request [Chevron] to substantially reduce the greenhouse gas (GHG) emissions of their energy products (Scope 3) in the medium- and long-term future, as defined by the Company. To allow maximum flexibility, nothing in this resolution shall serve to micromanage the Company by seeking to impose methods for implementing complex policies in place of the ongoing judgement of management as overseen by its board of directors.”[4]

The resolution was proposed by Follow This, a Dutch activist fund. Chevron had initially sought to exclude the proposal from a vote and requested no-action relief from the SEC on the basis that (i) the proposal related to the Company’s “ordinary business” operations and sought to “micromanage the Company’s actions to direct its GHG emissions management program,” which made it excludable from proxy materials under Rule 14a-8,[5] and (ii) the proposal duplicated a prior proposal.[6] On March 30, 2021, the SEC denied Chevron no-action relief, indicating on its website that the SEC was “[u]nable to concur with exclusion on any of the bases asserted.”[7]

Also considered during this stockholder meeting were resolutions (a) directing the Board of Chevron to issue an audit report discussing “whether and how a significant reduction in fossil fuel demand, envisioned in the IEA [International Energy Agency] Net Zero 2050 scenario, would affect its financial position and underlying assumptions,” and (b) seeking to convert Chevron to a Public Benefit Corporation under Delaware law, the purpose of which would have been to enable Chevron to adopt and adhere to sustainability goals consistent with the public interest. The Board of Directors of Chevron opposed all three resolutions.[8]

Only the first of the proposed resolutions, identified as Item 4 on the proxy card, passed. What does Item 4 actually obligate Chevron and its Board to do? On its face, very little. It “request[s],” but does not mandate, that the company reduce its Scope 3 emissions.[9] It contains no firm climate change benchmarks that the company must achieve. The timeframe for accomplishing these reductions, in the “medium and long term future,” is not specific. And furthermore, Chevron’s governance rules only commit the Board to “reconsider any stockholder proposal not supported by the Board that receives a majority of the votes cast at its Annual Meeting . . . .”[10] From management’s perspective, Item 4 could be viewed as more advisory than mandatory.

Nevertheless, the impact of the resolution’s passage is far from illusory. It is after all the first resolution calling for any reduction in GHG emissions passed by Chevron’s shareholders, and the fact that it does not impose specific targets or requirements is due to the limitations of Rule 14a-8, which allows shareholders owing certain amounts of securities to place proposals in the company’s proxy materials for vote at shareholder meetings, subject to certain procedural requirements and substantive exclusions. One such exclusion is proposals that relate to the company’s “ordinary business operations,” which could result in impermissible micro-management of the company by shareholders.[11] Follow This expressly limited its proposal to calling for a reduction in emissions only, appropriately leaving the specifics of accomplishing the reduction to management: “Had the Proponent not been required to draft this proposal with pointed consideration of the potential for exclusion on grounds of micromanagement, the Proponent would have requested much more specific and progressive reductions.”[12] Going forward, should Chevron’s Board ignore the resolution, its directors could be at greater risk of being replaced over time by the same shareholders who voted for the resolution.

II. Exxon Mobil’s Three New Directors

Engine No. 1, a hedge fund with a .02% holding in Exxon Mobil, proposed a slate of four directors for election to Exxon’s twelve-member board at its annual meeting on May 26, 2021. Engine No. 1’s stated goal was to infuse the Exxon Board with people who will push the energy giant to recognize the significance of global climate change and respond constructively to the goals of the Paris Climate Agreement. Engine No. 1 succeeded in electing three of its four nominees, garnering critical support from Exxon’s three largest shareholders (and the three largest asset managers in the world) BlackRock, Vanguard and State Street, as well as major shareholders such as CalPERS and the New York State Common Retirement Fund.[13] In fact, Engines No. 1’s three directors received the highest number of votes of all nominees.[14]

In the case of Exxon, Engine No. 1’s success appears to have been based on excellent timing and a compelling slate of candidates. Going into the annual meeting, Exxon had faced “mounting criticism for its reluctance to invest more in renewable energy and for years of weak financial performance.”[15] New York State’s Comptroller said investors had “received platitudes and gaslighting in response” to concerns about climate change for years.[16] Meanwhile, Exxon’s three largest shareholders have placed themselves at the forefront of the Environmental, Social, and Governance (ESG) movement as members of the NetZero Asset Managers Alliance among other things.[17] BlackRock in particular all but foreshadowed its vote in its 2021 annual letter to clients:

“We expect the issuers we invest in on our clients’ behalf to be adequately managing the global transition towards a net zero economy…. Where we do not see progress in this area, and in particular where we see a lack of alignment combined with a lack of engagement, we will not only use our vote against management for our index portfolio-held shares, we will also flag these holdings for potential exit in our discretionary active portfolios because we believe they would present a risk to our clients’ returns.”[18]

Engine No. 1 provided a slate of qualified candidates to garner the votes, including highly regarded industry executives with success in both conventional and renewable energy transition (Gregory Goff and Kaisa Hietala) and a former U.S. Asst. Secretary of Energy and clean tech entrepreneur with expertise in energy infrastructure, R&D and policy (Alexander Karsner).[19] Shareholders recognized that Exxon needs diversity of expertise, background and perspective on its board to move towards sustainability, and voted accordingly.[20]

III. Royal Dutch Shell in The Hague

Potentially the most significant of the May 26^th events was the decision by the Hague District Court to order Royal Dutch Shell (“RDS”) to cut its GHG emissions by net 45% by 2030 compared to 2019 levels.[21]

There are many significant elements of the Judgment, starting with the Court’s recognition of the effects of climate change. The Court accepted as fact that mankind’s use of fossil fuels leads to the release of carbon dioxide which traps heat within the ozone layer and causes temperatures on earth to rise.[22] It discussed the so-called carbon budget, which is the total remaining capacity of the earth to absorb GHGs, and accepts as fact the conclusions by various international organizations about the effects of climate change.[23] In particular, the Court accepted as fact that The Netherlands generates more CO2 emissions than many other European countries and there is a direct connection between those activities and future disruptions to human existence.[24]

The plaintiffs asserted that RDS had duties under Dutch law to prevent climate change through its corporate policies and to ensure that its carbon emissions comply with levels deemed acceptable under, for example, the IEA’s Net Zero 2050 plan. The Court concluded that RDS’ corporate policies, policy intentions and ambitions are incompatible with CO2 reduction targets prescribed in the Paris Climate Agreement, the IEA Net Zero 2050 and other global climate change policies. It ordered RDS to reduce its Scope 1, 2 and 3 emissions by a net 45% of 2019 levels by the end of 2030 through the adoption and implementation of new corporate policies that will actually enable these results.

Given the breadth and impact of the Judgment, it is likely that RDS will appeal. If so, the Hague Court of Appeal would review the case do novo, i.e. it may re-examine the facts and reach its own conclusions about the facts and the outcome of the case.[25] While this story is not over, it remains to be seen what effect (if any) the case may have on future U.S. public policy and legislation.

IV. Measuring Progress Toward Net Zero

Much of the world now pays ever closer attention to the consequences of our reliance on fossil fuels. As the reality of climate change is now in the boardrooms of Big Oil, there is growing demand from the investor community for companies to, as Bill Gates puts it, go from emitting 51 billion tons of GHGs each year to zero.[26]

On June 10, 2021, The Investor Agenda published a “Statement to Governments” signed by 457 investment firms and individuals representing US$41 trillion in assets urging governments to issue standards for measuring and quantifying climate risk so that investors can properly assess those risks and invest wisely.[27] The Statement calls on all governments to take broad action in 2021, including:

• strengthening NDCs for 2030;
• committing to “decarbonization roadmaps” for carbon-intensive sectors;
• carbon pricing;
• removing fossil fuel subsidies;
• phasing out thermal coal-based power; and
• mandatory climate risk disclosure requirements.[28]

Like BlackRock’s 2021 annual letter to clients, the Statement invokes the need for greater transparency in climate risk disclosures.[29] The inability of investors to obtain material information about company carbon emissions impedes investors’ efforts to invest the capital required to achieve Net Zero. Extraordinary associations and statements such as these underscore the growing urgency with which climate change and ESG issues are being considered. While the full significance of May 26, 2021 remains to be seen, the day may hopefully be remembered as the beginning of a shift of consciousness in Big Oil from avoidance to constructive engagement with the forces of climate change.

[1] https://www.reuters.com/business/energy/chevron-shareholders-approve-proposal-cut-customer-emissions-2021-05-26/.

[2] https://www.reuters.com/business/energy/exxons-board-shakeup-could-force-review-billions-dollars-spending-2021-06-09/.

[3] https://www.theguardian.com/business/2021/may/26/court-orders-royal-dutch-shell-to-cut-carbon-emissions-by-45-by-2030.

[4] https://www.chevron.com/-/media/shared-media/documents/chevron-proxy-statement-2021.pdf, p. 81.

[5] 17 CFR §240.14a-8. 

[6] Chevron Corporation; Rule 14a-8 no-action letter (sec.gov).

[7] Shareholder Proposal No-Action Responses (sec.gov).

[8] Id.

[9] “Scope 3 emissions are the result of activities from assets not owned or controlled by the reporting organization, but that the organization indirectly impacts in its value chain.” https://www.epa.gov/climateleadership/scope-3-inventory-guidance.

[10] https://www.chevron.com/investors/corporate-governance (emphasis added).

[11] See 17 CFR §240.14a-8(i)(7).  See also Exchange Act Release No. 40018 (May 21, 1998).  The policy underlying the ordinary business exclusion is “to confine… ordinary business problems to management and the board…, since it is impracticable for shareholders to decide how to solve such problems at an annual shareholders meeting,” and to consider “the degree to which the proposal seeks to ‘micro-manage’ the company by probing too deeply into matters of a complex nature upon which shareholders… [are not] in a position to make an informed judgment.” Id.

[12] Chevron Corporation; Rule 14a-8 no-action letter (sec.gov).

[13] Exxon Mobil Defeated by Activist Investor Engine No. 1 – The New York Times (nytimes.com) and https://www.cnbc.com/2021/06/02/activist-firm-engine-no-1-claims-third-exxon-board-seat-.html. For an interesting report of the maneuvering that led to the vote, see: https://www.nytimes.com/2021/05/28/business/energy-environment/exxon-engine-board.html.

[14] Activist hedge fund Engine No. 1 wins third seat on Exxon board (msn.com).

[15] EXCLUSIVE BlackRock backs 3 dissidents to shake up Exxon board -sources (Reuters).

[16] Exxon loses board seats to activist hedge fund in landmark climate vote (Reuters).

[17] State Street Global Advisors Joins Net Zero Asset Managers Initiative (ESG Today).

[18] BlackRock Client Letter (BlackRock).

[19] Engine No. 1 Formally Nominates Four Director Candidates to ExxonMobil Board (Nasdaq).

[20] Exxon also faces climate change exposure on the litigation front. In October 2019, Massachusetts Attorney General Maura Healey filed suit against Exxon Mobil, alleging that it deceived investors about the climate risks posed by Exxon’s activities. On June 23, 2021, a Massachusetts state court denied Exxon’s motion to dismiss. https://www.mass.gov/doc/june-23-2021-memorandum-of-decision-and-order-denying-exxons-motion-to-dismiss/download. 

[21] A copy of the Court’s decision, referred to hereafter as the “Judgment,” can be found here: http://climatecasechart.com/climate-change-litigation/wp-content/uploads/sites/16/non-us-case-documents/2021/20210526_8918_judgment-2.pdf.

[22] Judgment, §§2.3.1, 2.3.2.

[23] Judgment, §§2.3.3 – 2.3.5.3.

[24] Judgment, §2.3.7.

[25] http://www.haguejusticeportal.net/index.php?id=9344.

[26] Gates, B., How To Avoid A Climate Disaster: The Solutions We Have and the Breakthroughs We Need (2021 Knopf), Ch. 1.

[27] https://theinvestoragenda.org/wp-content/uploads/2021/05/IN-CONFIDENCE_EMBARGOED_2021-Global-Investor-Statement-to-Governments-on-the-Climate-Crisis-1.pdf

[28] Id.

[29] Id; https://www.blackrock.com/corporate/investor-relations/larry-fink-ceo-letter

In Brief

• In re Nine West LBO Securities Litigation (“Nine West”) is a recent case decided by the Southern District of New York in which the court left open the possibility that directors of a target company involved in a leveraged buyout (“LBO”) could be held liable for breach of fiduciary duty in approving the LBO if the post-merger company later becomes insolvent due to the impact of the LBO and related foreseeable transactions by the successor board, including taking on significant debt as part of the LBO.
• The case has the potential of expanding the paradigm of fiduciary duties owed by directors to include the successor acts of the surviving company’s board.
• A Delaware court would likely reach a similar outcome in deciding a case like Nine West; however, it would be reluctant to require directors to prioritize the post-merger solvency of a new surviving company over maximizing stockholder value.

Introduction

In recent years, there has been a small slowdown in the trend of highly leveraged buyouts of companies by private equity firms.  Private equity firms continue to target struggling, undervalued, or poorly managed companies, and use significant debt to complete the leveraged buyout of those companies, often flipping the target company (or spinning off its profitable portions) a few years later, resulting in significant profits.  Unsurprisingly, Delaware courts have seen a consistent flow of cases where stockholders of target companies claim that directors breached their fiduciary duties in connection with orchestrating and approving an LBO.  The focus of these cases has been almost entirely on whether the directors exercised valid business judgment and maximized shareholder return in approving the LBO.  What happens to the acquired company after the LBO is completed – including the debt it took on as part of the LBO and its post-merger solvency – has not received significant focus in analyzing the personal liability of the directors approving the sale.  But that may no longer be the case.

A recent decision by a U.S. District Court for the Southern District of New York, In re Nine West LBO Securities Litigation, has created buzz in the legal and business communities because of its potential for causing a paradigm shift in director liability in approving the sale of a company through an LBO.  The Nine West decision contemplates that directors of a target company involved in an LBO could be held liable if the surviving, post-merger company later becomes insolvent, at least partially because the target company’s directors failed to consider the foreseeable impact that taking on considerable debt as part of the LBO would have on the surviving company.  The Nine West decision also hints that directors could be liable for foreseeable “successor acts” of the new board, in addition to facing liability for aiding and abetting the new board’s post-sale breaches of fiduciary duties. 

Faced with this possible increased liability risk for approving an LBO, directors may be more hesitant to pursue and approve such deals moving forward, creating a chilling effect on the trend of highly leveraged private equity sales.  This article explores the Nine West decision and Delaware fiduciary duty law as applied to LBOs, ultimately predicting that a Delaware court would reach a decision similar to Nine West given the structure of the LBO at issue in that case.  However, a Delaware court would likely be reluctant to require directors to prioritize the post-merger solvency of a new surviving company over maximizing stockholder value, and would also likely decline to extend the liability paradigm for directors to reach successor acts of a succeeding board absent special circumstances.

Fiduciary Duties and Related Issues Under Delaware Law

In carrying out their responsibilities, directors and officers have a fiduciary duty to protect the interests of the corporation and act in the best interests of the corporation and its stockholders.  Delaware law has long recognized two principal fiduciary duties owed by officers and directors alike: the duty of loyalty and the duty of care. 

Duty of Loyalty

The duty of loyalty requires an officer or director to place the interests of the corporation and its stockholders above personal interest when making decisions that affect the corporation.  Included in the duty of loyalty is a requirement that officers and directors act in good faith, motivated by “a true faithfulness and devotion to the interests of the corporation and its shareholders.”[1] A director or officer who intentionally acts with a purpose other than that of advancing the best interests of the corporation may be found to have acted in bad faith; however, another hallmark of bad faith involves a director or officer acting with deliberate indifference or failing to act in the face of a known duty.

Duty of Care

The duty of care requires corporate fiduciaries to act in a fully informed manner.  Officers and directors are required to fully inform themselves of all material information reasonably available to them before making a decision on behalf of the corporation.  They are expected to exercise the degree of care and prudence that would be expected of them in the management of their own affairs.  In addition, having become so informed, directors and officers must then act with care in the discharge of their duties.  In determining whether an officer or director failed to make a sufficiently informed decision and so violated the duty of care, Delaware courts apply a “gross negligence” standard, analyzing whether the officer or director acted outside “the bounds of reason” or with “reckless indifference to or a deliberate disregard of the stockholders … or actions which are without the bounds of reason.”^[2]

Exculpation

Delaware corporations can include in their certificate of incorporation an exculpation provision pursuant to 8 Del. Code 102(b)(7) (“Section 102(b)(7)”) that eliminates (or limits) the personal liability of a director to the corporation or its stockholders for monetary damages for any breach of the duty of care.  Even grossly negligent acts can be shielded by a Section 102(b)(7) exculpatory provision.  Such a provision, however, does not eliminate or limit liability of a director for breach of the duty of loyalty or for acts not taken in good faith.

Business Judgment Rule

Under Delaware law, directors and officers are entitled to a “presumption that in making a business decision [they] acted on an informed basis, in good faith and in the honest belief that the action taken was in the best interests of the company.”[3]  This presumption is known as the business judgment rule, and it exists to protect and promote the full and free exercise of powers granted to directors and officers of a Delaware corporation.  The presumption that directors and officers acted loyally can be rebutted by establishing that the officers or directors were either interested in the outcome of the transaction or otherwise lacked the independence to consider whether the transaction was in the best interest of the company and all of its stockholders.  If a plaintiff challenging a corporate transaction successfully rebuts the presumption, defendant officers and directors lose the protection of the business judgment rule, and the burden of proof shifts to the directors and officers–the proponents of the challenged transaction–to prove the entire fairness of the transaction to the corporation and its stockholders.[4]

Nine West

Background

In 2014, the private equity firm Sycamore Partners Management L.P. (“Sycamore”) completed a highly leveraged buyout of the Jones Group, a publicly traded Pennsylvania apparel company with brands like Nine West.[5]  Like many companies targeted by private equity firms, the Jones Group was struggling financially in the years leading up to 2014, although two of its signature brands, Kurt Geiger and Stuart Weitzman, were hitting earnings targets and were showing consistent growth.  Due to the struggles of its other brands, however, Jones Group sought to sell the business and retained Citigroup to serve as its advisor.  Citigroup advised the Jones Group that it could support a deal resulting in a debt to EBITDA ratio of 5.1 times its 2013 estimated EBITDA. 

Sycamore offered to buy Jones Group for $15 per share ($2.15 billion enterprise value), with a Sycamore affiliate (run by Sycamore) acting as the surviving company, to be named Nine West Holdings, Inc. (“Nine West”).  As part of the original agreement and plan of merger (“Merger Agreement”), the stockholders of Jones Group would be cashed out at $15 per share and they would thus no longer hold interests in Jones Group nor would they acquire interests in Nine West.  Sycamore was to contribute at least $395 million in equity and Nine West would increase its debt from $1 billion (the Jones Group’s pre-merger debt) to $1.2 billion.  Nine West’s two successful brands would act as “carve-out businesses” and would be sold separately to other Sycamore affiliates for less than their fair market value.  Thus, the struggling non-carve-out brands of Jones Group would become Nine West, while the two successful brands, Kurt Geiger and Stuart Weitzman, would be sold separately as part of a nearly concurrent sale to Sycamore.  The Merger Agreement contained a “fiduciary out” which allowed the Jones Group directors to withdraw their recommendation in favor of the deal if they determined doing so was required in order to comply with their fiduciary duties. 

The Jones Group board voted unanimously to approve the Merger Agreement.  However, before closing, Sycamore changed the deal terms drastically and reduced its planned equity contribution from $395 million to just $120 million.  To offset this adjustment, Sycamore arranged for Nine West to increase its debt from $1 billion to $1.55 billion rather than from $1 billion to $1.2 billion as originally planned.  These changes resulted in a post-merger debt ratio of 7.8 times Nine West’s EBITDA.  Throughout the deal process, the Jones Group board thoroughly investigated and considered the fairness of the proposed offer of $15 per share, concluding that it was a fair price for stockholders, but it allegedly did not consider the fairness or impact of the additional debt that would be taken on by the post-merger company, Nine West.  The board also allegedly did not investigate or consider the impact of the sales of the carve-out businesses on Nine West’s solvency or financial state. 

To get to a cheaper price for the carve-out businesses, Sycamore allegedly created unjustified EBITDA projections for the non-carve-out remaining businesses, as more value attributed to those businesses would make it easier to justify a discount sale price on the profitable carve-out businesses.  The Jones Group board was unaware of Sycamore’s alleged manipulations but did receive consistent updates on the struggles and financial decline of the non-carve-out businesses, along with optimistic projections for the carve-out businesses.  After the merger closed in 2014, Sycamore’s principals, Stefan Kaluzny and Peter Morrow, became the sole directors of Nine West.  As planned, Kuluzny and Morrow then immediately sold the carve-out businesses to a Sycamore affiliate for $641 million, despite an alleged $1 billion fair market value.  In connection with the Sycamore-Jones Group merger, stockholders brought a derivative suit against the Jones Group’s directors and officers.  That case settled in 2015. 

Four years after the merger with Sycamore closed, Nine West filed for bankruptcy.  As part of the Chapter 11 bankruptcy plan, a litigation trust was established, and the litigation trustee (hereinafter, “Plaintiff”) was empowered on behalf of the unsecured creditors to pursue all claims against directors and officers of Jones Group arising out of the 2014 transaction with Sycamore.  Plaintiff sued the directors and officers of Jones Group for breach of fiduciary duty and aiding and abetting breach of fiduciary duty, among other claims.  At their core, Plaintiff’s claims were based on the premise that the Jones Group directors and officers breached their fiduciary duties by not investigating whether the transaction “as a whole” would lead to the post-merger company’s bankruptcy, and relatedly whether they aided and abetted the subsequent breaches of fiduciary duties by the successor Nine West board (i.e., Sycamore).  The former directors of Jones Group moved to dismiss the Plaintiff’s claims for breach of fiduciary duty and aiding and abetting fiduciary duty. 

Legal Analysis

The Court denied the directors defendants’ motion to dismiss the breach of fiduciary duty and aiding and abetting claims.  In so holding, the Court, applying Pennsylvania law, began by analyzing whether the business judgment rule applied to the challenged transaction.  Plaintiff argued that the business judgment rule did not apply because the directors benefited from the deal by cashing out their own shares and were thus not disinterested.  The Court rejected this argument and explained that under Pennsylvania law, a director does not stand on both sides of a transaction solely because the director owns shares of the corporation and stands to benefit financially from a challenged transaction as a result of that ownership.  Nevertheless, the Court determined that the business judgment rule did not apply for the alternative reason that the director defendants did not (Plaintiff alleged) conduct a reasonable investigation into whether the transaction as a whole would render the surviving company insolvent.  The Court rejected the director defendants’ argument that they were not required to consider factors such as the additional debt Nine West would be taking on or the fairness of the sale of the carve-out businesses because such actions were technically completed by a subsequent board after defendants’ tenure as directors ended.  In rejecting this argument, the Court explained that multi-step LBO transactions like the one at issue can be treated as a single integrated plan for purposes of a fiduciary duty analysis, and that the director defendants ignored obvious red flags suggesting that the transaction would render Nine West insolvent post-merger.  As the business judgment rule presupposes directors made a business judgment, the Court would not afford the director defendants the protection of the rule with respect to matters that they allegedly did not consider.

The Court then determined that the Jones Group’s exculpatory provision did not preclude liability.  Pennsylvania law permitted the Jones Group to adopt bylaws limiting director liability except for cases where the breach constituted “self-dealing, willful misconduct, or recklessness.”[6]  The Court first confirmed that Plaintiff did not allege self-dealing, adopting the Delaware law approach where self-dealing meant that the director stood on both sides of the transaction.  Next, the Court found that Plaintiff alleged that the director defendants acted recklessly, such that the exculpatory bylaw did not shield them from liability.  The Court explained that the director defendants were alleged to have consciously disregarded the transactions involving the carve-out businesses and that the director defendants ignored red flags, such as the additional debt taken on and resulting EBITDA ratio, that, if adequately investigated, should have alerted them to the imminent insolvency of Nine West as a result of completing the unified Sycamore deal. 

In ultimately holding that Plaintiff adequately pled a claim against the directors for breach of fiduciary duty, the Court focused on (i) the treatment of the Sycamore LBO as a single unified transaction, and (ii) the director defendants’ failure to heed alleged red flags concerning Nine West’s potential post-transaction bankruptcy.  The Court explained that the actual merger, the post-merger sale of the carve-out businesses, and the planned increase in additional debt to be taken on by Nine West could be “collapsed” into a “single integrated plan,” essentially opening the door for liability for the directors based on their failure to consider “foreseeable” harm to the post-merger company stemming from the unified deal they approved.  Citing a District Court of Delaware case that applied Delaware law,[7] the Court made clear that even if directors do not approve a component of a transaction, they can be liable for the harm that the entire unified transaction causes the post-merger company.  The Court then explained that Plaintiff adequately alleged that the director defendants ignored red flags and failed to investigate the impact of the additional debt (and decreased equity) that would be taken on by Nine West due to Sycamore’s last-minute change to the deal structure.  Specifically, Plaintiff adequately alleged that the directors ignored the fact that the leverage ratio resulting from the additional debt would far exceed the amount recommended by their financial advisor.  The Court also explained that the directors failed to investigate the adequacy of the purchase price for the carve-out businesses and its impact on Nine West’s solvency given the additional debt Nine West was taking on, stating: 

The $2.2 billion valuation the company received in the 2014 transaction [with Sycamore], less the company’s $800 million historical purchase price for the carveout businesses, implied that [the non-carve-out businesses were] was worth no more than $1.4 billion. That knowledge should have alerted the director defendants that they needed to investigate [Nine West’s] solvency, given that Sycamore arranged, with their knowledge, for [Nine West’s] debt to be increased to $1.55 billion.

The Court also denied the director defendants’ motion to dismiss the claim for aiding and abetting the Nine West board’s breaches of fiduciary duty.  Applying Delaware law to this claim, the Court determined that the director defendants had knowledge that Kaluzny and Morrow, as directors of the post-merger company, would carry out the planned sales of the carve-out businesses, and that these planned transactions were reasonably likely to lead to Nine West’s insolvency.  The Court rejected the director defendants’ “senseless” argument that aiding and abetting can only occur when the fiduciary duty exists (i.e., after Kaluzny and Morrow became Nine West’s directors post-merger), thereby suggesting that if breaches of fiduciary duty by a successor board post-merger are foreseeable to the target company’s board pre-merger, and the merger is nevertheless approved by the preceding board, the preceding board can be liable for aiding and abetting the successor board’s breaches of fiduciary duty. 

Potential Impact of Nine West on LBOs

While the court in Nine West was only ruling on motions to dismiss (and thus made no factual findings or findings of liability), the decision could nevertheless have a chilling effect on the trend of leveraged buyouts by private equity firms.  While the decision is unlikely to change how private equity firms pursue, structure and carry out LBOs, it has the potential of giving directors of target companies pause in approving these kinds of transactions.  If directors face liability based on the impact an LBO has on the solvency and financial state of the surviving company, they may be less likely to approve the LBO, as directors’ focus will not be simply on maximizing shareholder value in the short-term, as is customary in a company sale situation.  Directors will be inclined to investigate the impact of debt taken on by the surviving company, seek additional fairness opinions, and even inquire into the acquiror’s financing obligations.  This could slow down a proposed LBO or cause it to be voted down by a cautious board.  

Delaware Courts’ Approach to Reviewing LBOs

A discussion of Delaware courts’ approach to director fiduciary duties in connection with LBO’s must begin with acknowledging the seminal decision, Smith v. Van Gorkom, which was the first decision in which the Delaware Supreme Court had the chance to review an LBO.[8]  In Van Gorkom, the Court analyzed the fairness of a leveraged purchase of TransUnion arranged by its CEO, and examined the related fiduciary duty obligations of TransUnion’s directors.  The Court held the directors monetarily liable for breaching their fiduciary duty of care as a result of not being fully informed about the transaction and the fairness of the price. The Court then provided guidelines for directors to follow in orchestrating and approving LBOs – a transaction type the Court criticized but did not prohibit.  The Delaware Supreme Court focused on the steps a board should take in informing itself of the adequacy of the price per share offered, and implied that a board should seek an outside valuation and fairness opinion in connection with evaluating an LBO.  Notably, however, the Court made no mention of a board’s obligation to discuss the impact of the transaction on the surviving company’s solvency or financial state.  

Delaware cases reviewing LBOs since Van Gorkom have similarly focused on the adequacy of the cash-out share price, the process in investigating and determining the fairness of the deal to the target stockholders, and the duty that directors have to maximize value for the stockholders.  The well-known Revlon decision, for example, involved a hostile takeover attempt by Pantry Pride, and a subsequent bidding war between Pantry Pride and a private equity “white knight.”[9]  The Delaware Supreme Court in Revlon explained that once it became clear that the LBO was imminent, “[t]he directors’ role changed from defenders of the corporate bastion to auctioneers charged with getting the best price for the stockholders at a sale of the company.”  Similar to the guidelines prescribed in Van Gorkom, the Court articulated context-specific “Revlon duties” which focused on a board’s obligation to maximize stockholder value and become fully informed of the fairness of the merger consideration to be paid to stockholders – again, with no consideration given to the financial state of the surviving company.  Years later, the Delaware Supreme Court, reviewing another LBO in Lyondell Chem. Co., confirmed that “directors must engage actively in the sale process, and they must confirm that they have obtained the best available price either by conducting an auction, by conducting a market check, or by demonstrating ‘an impeccable knowledge of the market.’”[10]  Again, no considerations were given by Delaware’s high court to the impact that the LBO (and associated assumption of significant debt) would have on the surviving post-merger company.  

Based on these cases, it appears there is no Delaware precedent that a Delaware court could rely on in reaching a holding similar to Nine West.  Nevertheless, in Time-Warner, the Delaware Supreme Court previewed the potential dueling considerations of a board in approving a deal that it believed aided the long-term interest of the company versus a deal that provided maximum short-term value for stockholders, stating:

First, Delaware law imposes on a board of directors the duty to manage the business and affairs of the corporation. 8 Del. Code § 141(a).  This broad mandate includes a conferred authority to set a corporate course of action, including time frame, designed to enhance corporate profitability.  Thus, the question of “long-term” versus “short-term” values is largely irrelevant because directors, generally, are obliged to chart a course for a corporation which is in its best interests without regard to a fixed investment horizon. Second, absent a limited set of circumstances as defined under Revlon, a board of directors, while always required to act in an informed manner, is not under any per se duty to maximize shareholder value in the short term, even in the context of a takeover.[11]

This language perhaps suggests that a board might have to consider the long-term solvency of the surviving company in approving a leveraged deal.  However, the focus in Time-Warner was again on the fairness of the stock price to the stockholders when they were cashed out, with no focus on the financial state of the surviving company, despite the highly leveraged nature of the transaction at issue. 

Indeed, no Delaware decisions appear to have analyzed whether a board has a fiduciary duty to investigate and consider the post-merger solvency of the surviving corporation in orchestrating and approving a transaction.  Delaware courts have, however, explored the competing fiduciary duties owed to stockholders versus creditors by directors of struggling companies nearing the “zone of insolvency.”  Such cases may shed light on whether directors of a Delaware corporation are required to consider the solvency of the separate, post-merger company, or if instead, they must maximize shareholder value irrespective of the impact that doing so has on the surviving company. 

For example, in Trenwick America Litigation Trust, a litigation trustee of the bankrupt Trenwick America Corporation (Trenwick America) and its parent company, asserted claims against the prior directors of both Trenwick America and its parent company for breach of fiduciary duty stemming from several acquisitions and restructurings orchestrated and completed by both Trenwick boards when the companies were still solvent.^[12]  The Court of Chancery dismissed all claims, and noted that in approving the pre-insolvency transactions, the directors were “expected to seek profit for stockholders, even at risk of failure,” regardless of the organization’s solvency status.  The Court also explained that because the company was solvent at the time of these challenged transactions, it owed no fiduciary duties to its parent company or the parent company’s creditors.  While much of the decision turned on Delaware law concerning fiduciary duties owed by a subsidiary to a parent, the decision contains dicta suggesting that directors of a then-solvent company may not be held liable retroactively (and post-bankruptcy) for breaching a fiduciary duty to future creditors based on transactions that occurred while the company was solvent (as seen in Nine West).  Indeed, the Court stated that “Delaware law does not . . . impose retroactive fiduciary obligations on directors simply because their chosen business strategy did not pan out.” 

Predicting how a Delaware court would decide Nine West

Key to the Nine West decision was the New York court’s view that the multi-step LBO at issue ought to be considered as a single unified transaction, such that the impact of the additional debt taken on by the surviving company and the subsequent sales of the carve-out business were reasonably foreseeable by the Jones Group board, and should have thus been investigated and considered.  Practically speaking, this view of this particular LBO finds support because the multiple post-merger transactions involving Nine West occurred nearly concurrently with the actual approved Jones Group-Sycamore merger.  Moreover, the directors allegedly knew such transactions were certain to occur immediately, as the approved cash out price of $15 per share was expressly dependent on the additional debt and sale of the carve-out businesses.  Given the nature and setup of this particular LBO, a Delaware court would likely follow the reasoning in Nine West and likewise view the multi-step LBO as one unified transaction for purposes of a fiduciary duty analysis. 

Adopting that view, and given the plaintiff-friendly motion to dismiss standard, a Delaware court may similarly sustain breach of fiduciary duty claims against directors for approving such a unified deal, but it would likely do so with considerable hesitation.  Specifically, a Delaware court would struggle with the notion that directors of a solvent company can retroactively owe fiduciary duties to creditors of a successor company, particularly when those directors approved the original deal (while solvent) in adherence with their duty to maximize shareholder value.  The Court of Chancery has already hinted at its disapproval of this notion (albeit in a very different context) in Trenwick. 

A Delaware court’s possible reluctance to expand the paradigm of fiduciary duties of directors in this broad way is justified given the derivation of a director’s fiduciary duties and the consequences of an LBO on a cashed-out stockholder.  A board owes fiduciary duties to a corporation and its stockholders and is charged with acting in the best interest of the stockholders.  In doing so, and in acting as an agent of the stockholders, the board must pursue a deal that serves the stockholders’ interests.  An LBO like the one completed in Nine West results in the complete cash out and termination of the stockholders’ interests in the target company.  It thus follows that the board can only serve the interests of the existing stockholders if it approves a deal that allows them to receive the highest value for their shares.  That the private equity acquiror uses large amounts of borrowed money to purchase the company is irrelevant to stockholders, as they receive cash whether the money is borrowed or not.  The post-merger transactions of the surviving company (in Nine West, the sale of the carve-out businesses) and their impact on the surviving company (Nine West) are similarly irrelevant to the stockholders, as they are to be cashed out, do not own shares of the surviving company, and thus are not impacted if the surviving company goes bankrupt due to these separate transactions.  Thus, the natural question arises: shouldn’t these considerations, which are irrelevant to the stockholders, also be irrelevant to the board charged with acting in the stockholders’ best interests?  A Delaware court may worry that requiring a director to account for the solvency of an entirely different, post-merger successor company (rather than simply maximizing shareholder value given that the shareholders are being cashed out) would run counter to the spirit of fiduciary duty law and inappropriately expand the range of fiduciary duties directors owe. 

A Delaware court may also take a different approach than the New York court in applying the Jones Group’s exculpation bylaw and analyzing the associated pleading requirements under Delaware law.  Unlike Pennsylvania law, Delaware law permits corporations to exculpate its directors for allegedly reckless acts.  Plaintiff in Nine West pled recklessness to overcome the business judgment rule and exculpation provision under Pennsylvania law, but would have to plead more under Delaware law – specifically a breach of loyalty or absence of good faith – in order to plead a non-exculpated claim.  A Delaware court thus might be more critical of the adequacy of the Plaintiff’s allegations, particularly as they concerned the director defendants’ knowledge and intent.  However, one can safely assume that Plaintiff, if before a Delaware court, could have alleged a conscious disregard of duties by the director defendants, amounting to a lack of good faith, thereby pleading a non-exculpated claim that is not shielded by the Jones Group’s exculpatory bylaw. 

Finally, a Delaware court would likely allow Plaintiff’s claim for aiding and abetting a breach of fiduciary duty to survive dismissal, just as the New York court did.  If the Delaware court, as predicted, viewed the LBO as a unified transaction, then it follows that a Delaware court would view approval of that transaction – which included the additional debt and carve-out business sale nearly concurrently with the merger – as knowingly aiding the Nine West board in breaching their fiduciary duties by completing those transactions and rendering Nine West insolvent.  However, a Delaware court would likely make this ruling based on the structure of the LBO and facts of the case, and would likely clarify that a board is not, as a general rule, responsible for “successor acts” of a succeeding board unless such acts were certain to occur if the core transaction was approved, as part of the unified transaction. 

Practice Points For Directors

• Price is not everything. Given the Nine West decision, directors of a target company are advised to consider all aspects of a potential transaction, including the impact that the deal will have on the solvency of the post-merger company.  Doing so is particularly critical when directors are reasonably certain that the surviving company is taking on considerable debt and is completing potentially detrimental transactions concurrently with the merger or shortly after the merger is complete. 
• Directors should continue to seek outside valuations and fairness opinions concerning the merger consideration but are also well-advised to consult with experts concerning the financial impact of the LBO on the post-merger company. Directors should obtain solvency analyses, inquire about the private equity acquiror’s transactional plans post-merger, ask about the buyer’s financing obligations, and adequately document the efforts taken to investigate these matters. 
• If the private equity acquiror changes the deal terms late in the process, directors should ask questions, ascertain the reasons for the change, and thoroughly investigate the impact of these changes – particularly increases in the debt that is to be used by the buyer in completing the leveraged purchase.  
• Directors should not ignore red flags. The directors in Nine West were alleged to have blindly accepted manipulated EBITDA calculations provided by Sycamore, and failed to investigate several glaring red flags, resulting in potential liability. 
• The company and its board should always obtain director and officer liability insurance, particularly in light of the potential increased risk of liability in approving an LBO.
• Directors should consult with outside counsel about fiduciary duty obligations and the fairness of all aspects of the LBO.

[1] In re Walt Disney Co. Deriv. Litig., 907 A.2d 693, 755-72 (Del. Ch. 2005).

[2] Rabkin v. Philip A. Hunt Chem. Corp., 547 A.2d 963, 970 (Del. Ch. 1986) (internal quotations omitted).

[3] Unitrin, Inc. v. Am. Gen. Corp., 651 A.2d 1361, 1373 (Del. 1993). 

[4] See, Cede & Co. v. Technicolor, Inc., 634 A.2d at 360-61.

[5] In re Nine W. LBO Sec. Litig., 2020 WL 7090277 (S.D.N.Y. Dec. 4, 2020).

[6] 15 Pa. Cons. Stat. § 1713(a).  Thus, Plaintiff was required to allege recklessness or self-dealing.  Compare with 8 Del. Code § 102(b)(7) (allowing corporation to exculpate directors for recklessness, but not breaches of the duty of loyalty or “for acts or omissions not in good faith or which involve intentional misconduct”).  

[7] In re Hechinger Inv. Co. of Delaware, 274 B.R. 71, 91 (D. Del. 2002).

[8] 488 A.2d 858 (Del. 1985).

[9] Revlon, Inc. v. MacAndrews & Forbes Holdings, Inc., 506 A.2d 173 (Del. 1986).

[10] Lyondell Chem. Co. v. Ryan, 970 A.2d 235, 243 (Del. 2009) (citations omitted) (internal quotation marks omitted).

[11] Paramount Commc’ns, Inc. v. Time Inc., 571 A.2d 1140, 1154 (Del. 1989) (emphasis added).

[12] Trenwick Am. Litig. Tr. v. Ernst & Young, L.L.P., 906 A.2d 168, 173 (Del. Ch. 2006), aff’d sub nom. Trenwick Am. Litig. Tr. v. Billett, 931 A.2d 438 (Del. 2007)

On June 11, in Yanbin Yu, Zhongxuan Zhang. v. Apple Inc., the Federal Circuit issued a decision finding that a claim directed to an improved digital camera was patent-ineligible under 35 U.S.C. § 101. This decision follows others from the Federal Circuit in which the court found claims containing mechanical components to be subject matter ineligible, including ChargePoint v. SemaConnect, 920 F.3d 759 (2019), The Chamberlain Group v. Techtronic Industries, 935 F.3d 1341 (2019), and American Axle v. Neapco, 939 F.3d 1355 (2019).

In the Yu case, the Federal Circuit considered the following claim:

1. An improved digital camera comprising:

a first and a second image sensor closely positioned with respect to a common plane, said second image sensor sensitive to a full region of visible color spectrum;

two lenses, each being mounted in front of one of said two image sensors;

said first image sensor producing a first image and said second image sensor producing a second image;

an analog-to-digital converting circuitry coupled to said first and said second image sensor and digitizing said first and said second intensity images to produce correspondingly a first digital image and a second digital image;

an image memory, coupled to said analog-to-digital converting circuitry, for storing said first digital image and said second digital image; and

a digital image processor, coupled to said image memory and receiving said first digital image and said second digital image, producing a resultant digital image from said first digital image enhanced with said second digital image.

In its eligibility determination, the court employed the two-step Mayo/Alice framework.[1] In step one, the court focused on the function of one of the components of the overall claim—the digital image processor—and found that the claim was directed to the abstract idea of “taking two pictures (which may be at different exposures) and using one picture to enhance the other in some way.” Plaintiffs argued the claims were directed to a patent-eligible application of the abstract idea. The court disagreed, noting that “the idea and practice of using multiple pictures to enhance each other has been known by photographers for over a century.”

The court further reasoned that (1) the claim recited only conventional camera components that perform their basic function, (2) the camera components describe a generic environment for carrying out the abstract idea, and (3) the solution described in the specification to problems identified in the prior art was the abstract idea itself. The court refused to give weight to the patent specification’s discussion of benefits and advantages over the prior art of a unique configuration of a four-lens, four-sensor embodiment because the claim was to a digital camera having two lenses and two sensors.

Finding that the claim was directed to an abstract idea, the court turned to step two of the Mayo/Alice test, concluding that the claim did not include an inventive concept sufficient to transform the claimed abstract idea into a patent-eligible invention. According to the court, the claimed configuration of two lenses, two sensors, and other mechanical and electrical components was not an advancement of the prior art and did not itself enhance one image by another. Plaintiff Yu argued that his configuration of the camera components was unconventional in nature and that the claim was allowed over a number of prior art references. The court responded by noting that even if a claim is novel, it is not necessarily patent-eligible.

Worth noting, Yu’s patent was found to be ineligible in the pleadings stage on a motion to dismiss before any discovery or expert testimony. The court dismissed Yu’s argument that the court should not find the patent ineligible without first hearing expert testimony.

In her dissent, Judge Newman stated that a statement of purpose or advantage—in this case, achieving a superior image—does not convert a device into an abstract idea. She viewed the claim to be for a digital camera having designated structure and mechanisms that perform specified functions, not for the general idea of enhancing camera images. She stated that the claimed digital camera “easily fits the standard subject matter eligibility criteria.” She criticized the majority’s decision as having enlarged the instability in technologic development created by the current state of section 101 law, stating “for the court holds that the question of whether the components of a new device are well-known and conventional affects Section 101 eligibility, without reaching the patentability criteria of novelty and nonobviousness.” Judge Newman concluded that the “fresh uncertainties engendered by the majority’s revision of Section 101 are contrary to the statute and the weight of precedent, and contrary to the public’s interest in a stable and effective patent incentive.”

The Federal Circuit’s decision in this case is another in which claims reciting structural limitations were found to be directed to an abstract idea. Even though the claim recited two image sensors arranged in a particular configuration with two lenses, circuitry, memory, and a digital image processor, it appears that because the claim also recited that the function of the digital image processor was to enhance a digital image, the Federal Circuit concluded that the claim is directed to ineligible subject matter. This begs the question—Would the result have been the same if the claim had not recited the function of enhancing a digital image? It’s possible the claim would have survived the pleadings stage and may have had a chance to be evaluated for the requirements of novelty and non-obviousness. In other words, patent drafters may want to carefully consider whether to include functional language in certain claims when doing so would expose the claim to the result reached in Yu v. Apple.

Looking at the broader issue, namely the continued extension of section 101 to claims that mostly recite structural elements, the decision seems to add more nuances to the Mayo/Alice two-step test. With respect to the first step, the decision suggests looking at the ultimate purpose of the claimed device to determine whether it is directed to an abstract idea, setting aside whether the claim includes structural elements. With respect to the second step, the decision emphasizes that if a claim is directed to an abstract idea, then the claim must include an inventive concept that matches the description of the advancement over the prior art in the patent specification. 

Finally, because the court affirmed an invalidity determination at the pleadings stage, the evidence considered was limited to the complaint and the patent. For example, no expert testimony was considered on the question of whether the claimed two-lens, two-sensor configuration was capable of achieving the inventive concept of enhancing one digital image using a second digital image. Rather, the court only considered that each time the patent specification suggested an advancement over the prior art, it was in connection with a four-lens, four-sensor configuration, and the court concluded that a two-lens, two-sensor configuration was not an advancement over the prior art. Had Yu included an expert declaration along with the complaint, or had the case advanced past the pleading stage, then expert testimony regarding the inventive concept might have been given some weight along with the patent specification and the court’s own views regarding the inventive concept.

[1] This framework was derived from the Mayo Collaborative Services v. Prometheus Laboratories, 566 U.S. 66 (2012), and Alice Corp. v CLS Bank Int’l, 573 U.S. 208 (2014), decisions.