The Telephone Consumer Protection Act (TCPA, or the Act) has limited telephone calls that can be placed using certain automated equipment since 1991. However, since passage of the Act, there has been considerable debate about the type of automated equipment subject to the Act’s restrictions. The TCPA specifically restricts the use of any “automated telephone dialing system” (ATDS). The statute defines ATDS as “equipment which has the capacity—(A) to store or produce telephone numbers to be called using a random or sequential number generator; and (B) to dial such numbers.” 47 U.S.C. § 227(a)(1).

In 1991, the use of “random or sequential” number-generating equipment was a big problem. The TCPA specifically took aim at telemarketers, who had no care for who received their calls, only that the recipient was a potential buyer for their good or service. Automated equipment gave these telemarketers the ability to place random or sequential calls very quickly, increasing the number of contacts they could make in a short period of time.

After passage of the TCPA, and with the introduction of newer and smarter lead-generation technology and telephony equipment, telemarketers soon realized it was more efficient and cost-effective to target specific customers and use technology that dialed from a list of numbers. Thus, telemarketers began using the same types of equipment used by creditors to contact their delinquent customers: predictive dialers.

Predictive dialers utilize technology that quickly dials from a list of numbers, identifies when a call recipient picks up a call, and routes that call to a live agent. For unanswered calls, which constitute the large majority of calls placed, the predictive dialer never sends that call to a human being, thus saving considerable resources for the calling party.

The Federal Communications Commission (FCC) is tasked with rulemaking and enforcement of the TCPA. In 2003, the FCC realized it had a problem. With telemarketers abandoning equipment that dialed in a “random or sequential” fashion, it needed a fix to ensure that the TCPA still provided protection to those seeking to avoid unwanted telemarketing calls. Thus, in 2003 the FCC issued a Band-Aid in the form of a new Report and Recommendation. See In re TCPA Rules & Regulations, 18 FCC Rcd. 14014, 14091 (2003) (2003 Order). The 2003 Order interpreted the term “ATDS” to include equipment that merely dialed numbers “from a database of numbers,” like a predictive dialer. Id.

Since 2003, federal courts and the FCC have grappled with how predictive dialers could constitute an ATDS when they seem to fall outside language of the statutory definition. In 2008, and again in 2015, the FCC reiterated that predictive dialers are, in fact, an ATDS. In 2018, the D.C. Circuit issued an opinion in ACA Int’l v. FCC, 885 F.3d 687, 702–03 (D.C. Circ. 2018), finding that the FCC’s prior broad interpretations of ATDS included more equipment than Congress intended (including smartphones) and would create unjust results. However, the D.C. Circuit did not specifically state that it invalidated all prior FCC rulings on the status of predictive dialers.

Later in 2018, the Ninth Circuit Court of Appeals issued a decision ignoring the FCC’s prior proclamations, but endorsing perhaps one of the broadest interpretations of the Act ever advanced by litigants. See Marks v. Crunch San Diego, LLC, 904 F.3d 1041, 1049 (9th Cir. 2018). The Marks court construed section 227 to cover devices with the capacity to automatically dial telephone numbers from a stored list or to dial telephone numbers produced from a random or sequential number generator.

As of Monday, January 27, 2020, this is where we stood. The Ninth Circuit, which has jurisdiction over territory that contains 20 percent of the U.S. population, had determined that TCPA lawsuits against callers using predictive dialers were permissible. The rest of the country faced the impossible task of interpreting a hodgepodge of different federal court decisions trying to harmonize the FCC’s prior guidance and the D.C. Circuit’s decision in ACA Int’l. Commentators wondered whether other federal circuit courts would now side with the Ninth Circuit in Marks, eliminating the need to review prior FCC orders and cleanly interpreting the statute favorably for consumers. However, the Eleventh Circuit had plans of its own.

In Melanie Glasser v. Hilton Grand Vacations Company, LLC, No. 18-14499 (11th Cir. Jan. 27, 2020), the Eleventh Circuit directly addressed the definition of “ATDS.” The Glasser case involved two plaintiffs. The first received 13 calls from Hilton, a timeshare marketer, about vacation opportunities. The second received 35 calls from a creditor about unpaid student loans. Both plaintiffs alleged they received calls from the defendant companies using an ATDS. In both cases, the companies used equipment that dialed numbers automatically from a list of telephone numbers.

The Glasser court was clear that the outcome of the case was dependent upon the interpretation of ATDS and took a shot at Congress, stating: “Clarity, we lament, does not leap off this page of the U.S. Code.” Id. at 6–7. Thus, both plaintiffs and defendants advanced their own interpretations of the statute, as follows:

After a painstakingly thorough review of the statutory language and analysis using a variety of principles of statutory interpretation, as well as conventional rules of grammar and punctuation, the court held in a 2-1 decision that the correct interpretation was that set forth by the defendants. The court advanced the following arguments in support of its conclusion:

• Conjoined verbs sharing a direct object. When two conjoined verbs (“to store or produce”) share a direct object (“telephone numbers to be called”), a modifier following that object (“using a random or sequential number generator”) customarily modifies both verbs.
• Placement of the comma. The comma separating the phrase “to store or produce telephone numbers to be called” from the phrase “using a random or sequential number generator” also indicated that the clause modifies both “store” and “produce.”
• Content of the words. Under the plaintiffs’ approach, the key modifier (“using a random or sequential number generator”) would rarely, if ever, make a difference. An interpretation in which a device is an ATDS merely by storing and dialing numbers, as the plaintiffs advocated, would include almost all dialing technology and make the modifier superfluous.
• Historical use of autodialing equipment. The regulatory record confirmed that, at the time of enactment, devices existed that could randomly or sequentially create numbers and (1) make them available for immediate dialing or (2) make them available for later dialing. Sometimes storage would happen; sometimes it would not.
• Context. The TCPA made it illegal to call “any 911 line” using an ATDS. The court stated that “[i]t suspends belief” to think that Congress passed the law to stop telemarketers from intentionally calling 911. Instead, the court concluded that Congress passed the law to prevent callers from accidentally reaching 911 lines by dialing randomly or sequentially generated telephone numbers.
• Contemporaneous understanding. In the first 12 years after enactment, it was generally understood that the TCPA did not apply to predictive dialers, but in 2003 the FCC determined that predictive dialers were subject to the statute. The court stated that the only changes during this time were technology and marketing strategies and that the FCC was trying to “pour new wine” into an “old skin” by making the ATDS definition cover predictive dialers. The court stated that Congress drafted the 1991 law for the moment but not for the duration, and that although the TCPA was successful in eliminating one pernicious form of telemarketing, it failed to account for how business needs and technology would evolve.
• Constitutional avoidance principles. The plaintiffs’ interpretation would mean that the TCPA restricts using cell phones to call other cell phones, which the court considered “a bridge too far.”
• The D.C. Circuit invalidated the FCC’s prior rulings. The D.C. Circuit invalidated the FCC’s prior rulings in ACA Int’l when it found that those orders were “inconsistent with reasoned decisionmaking.”

In addition, the court also addressed Hilton’s “Intelligent Mobile Connect” system, which requires significant human intervention in the form of programming from Hilton employees before placing calls. The court stated that even if it adopted the plaintiffs’ interpretation of ATDS, Hilton’s system still required enough human intervention to remove it from the definition of ATDS.

It is worth noting that in a lengthy dissent, Judge Martin disagreed with the interpretation set forth by the majority and sided instead with the statutory reading advanced by the Ninth Circuit in Marks. Judge Martin wrote that, in her opinion, “a machine may qualify as an autodialer based solely on its ability to store numbers.”

Following Glasser, it is clear that the Ninth Circuit and Eleventh Circuit are directly at odds. Now, with two circuit courts advancing diametrically opposed statutory interpretations, the remaining circuits will likely have to line up and pick sides.

On June 30, 2020, registered securities broker-dealers must begin their compliance with the new SEC Regulation Best Interest and Form CRS Relationship Summary/Form ADV Part 3,† which were announced by the Securities and Exchange Commission on June 5, 2019.[1] These new regulations were promulgated under authority given to the SEC by the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010. Regulation Best Interest has four components: (1) the disclosure obligation; (2) the care obligation; (3) the conflicts-of-interest obligation; and (4) the compliance obligation. The Form CRS Relationship Summary/Form ADV Part 3 imposes an obligation on both broker-dealers and investment advisers to provide a “Customer Relationship Summary” to retail investors. For broker-dealers, this form is called Form CRS; for investment advisers this form is Form ADV Part 3. This article provides basic preliminary guidance on how broker-dealers and investment advisers can prepare for the June 30 compliance date.

Before getting into the weeds, we should note that according to the SEC, the purpose of its adoption of the rule package consisting of Regulation Best Interest and Form CRS is to enhance protections and preserve choice for retail investors in their relationship with their financial professionals by bringing the legal requirements and mandated disclosures for both broker-dealers and investment advisers in line with reasonable investor expectations. The intent is to preserve access and choice in: (1) the type of professional with whom they work (i.e., broker-dealer and/or investment adviser); (2) the services they receive (transaction based or ongoing monitoring); and (3) how they pay for these services (commissions or fees).

In order to accomplish this goal, the SEC adopted Regulation Best Interest to apply only to retail customers of broker-dealers and not to investment advisers, who are already subject to the fiduciary standard of the 1940 Investment Advisers Act.[2] Reg. BI, as it is colloquially called, does not apply to institutional or other nonretail accounts, which remain subject to FINRA’s Suitability Rule 2111. Reg. BI imposes a heightened standard of care at the time of a recommendation to a retail customer and does not impose an ongoing duty to monitor existing accounts, thereby contrasting it with the fiduciary duties of investment advisers. The new regulations require a broker-dealer to act in the retail customer’s best interest and not place its own interest ahead of the customer’s interest. This obligation is akin but not identical to the fiduciary obligations imposed upon investment advisers.

Duty of Disclosure

First and foremost for broker-dealers scrambling to meet the June 30 deadline is the duty of disclosure. Some helpful guidance in this regard is provided by the Financial Industry Regulatory Authority (FINRA), which has published a Reg. BI and Form CRS firm checklist on its web page. Although the SEC regulations have prescribed the overall contents and format of the new disclosures required by Form CRS, they have not prescribed the format of the written disclosures required by Reg. BI. Under the Reg. BI disclosure obligation, a broker-dealer and registered representative are required, prior to or at the time of the recommendation, to provide the retail customer, in writing, with a full and fair disclosure of all material facts related to the scope and terms of the firm-customer relationship, and all material facts relating to conflicts of interest that are associated with the recommendation. At a minimum, the following disclosures are required: (1) all material facts relating to the scope and terms of the relationship with the retail customer, including: (a) that the broker-dealer and registered representative are acting as a broker, dealer, or associated person of a broker-dealer with respect to the recommendation; (b) the material fees and costs that apply to the retail customer’s transactions, holdings, and accounts; (c) the type and scope of services provided to the retail customer, including any material limitations on the securities or investment strategies involving securities that may be recommended to the retail customer; and (2) all material facts relating to conflicts of interest that are associated with the recommendation.

The regulations leave it to each individual firm to prepare its own Reg. BI written disclosure form and Form CRS/ADV Part 3. In other words, these are do-it-yourself forms, with some guidance in the form of a prescribed format and “conversation starters” required for Form CRS/ADV Part 3. Form CRS/ADV Part 3 may be no more than two pages for broker-dealers and investment advisers, whereas dual registrants are encouraged to combine their disclosures in a four-page document. Helpful guidance is provided in the instructions to Form CRS/ADV Part 3 and the FINRA Reg. BI checklist.[3] Among other things, Form CRS should have a basic introduction to the firm, a description of fees and costs generally, and a disclosure of any relevant disciplinary history of the firm and its principals. Although Regulation Best Interest does not by its terms apply to investment advisers, registered investment advisers are required to prepare and provide to clients a Form ADV Part 3, which must have the same information as Form CRS.

When should customers receive their new Form CRS? According to the SEC, the form should be completed and delivered to the customer at the time a new customer account is opened, or at the time of recommendation for an existing customer.[4] Although the new Form CRS may be delivered in paper or electronic format, it should be done prominently and must be the first document if provided with other materials.

In addition, it is incumbent upon the firm to explain to the customer the nature of the relationship and whether it is advisory or that of a broker. Under the new regulations, the moniker “adviser” can be used only by investment advisers and may not be used by registered representatives who are not dually registered. Thus, firms should, prior to June 30, undertake to review their brokers’ business cards, office signage, websites, and promotional material to ensure that the use of the word “adviser” is limited to registered investment advisors.

Some firms are undertaking firm-wide initiatives designed to encourage all brokers to become dually registered, which will certainly help simplify determining the applicable standard of care.

Duty of Care

The duty of care imposed on broker-dealers is one of the central pillars of the new regulations and imposes a heightened standard of care at the time of a recommendation akin to the fiduciary standard imposed on investment advisers under the 1940 Investment Advisers Act. Under the current FINRA suitability rule, a registered representative or broker-dealer must make a reasonable recommendation to buy or sell a security based upon the customer’s investment objectives, risk tolerance, investment time horizon, and other securities holdings as disclosed to the firm.[5] The care obligation of Reg. BI requires that when making a recommendation to a retail client, a registered representative must exercise reasonable diligence, care, and skill to: (1) understand the potential risks, rewards, and costs associated with the recommendation and to have a reasonable basis to believe that the recommendation could be in the best interest of at least some retail customers; (2) have a reasonable basis to believe that the recommendation is in the best interest of a particular customer based on the retail customer’s investment profile and the potential risks, rewards, and costs associated with the recommendation, and to not place the financial interests of the broker-dealer or registered representatives ahead of the interests of the customer; and (3) have a reasonable basis to believe that a series of recommended transactions, even if in the customer’s best interest when viewed in isolation, is not excessive and is in the customer’s best interest when taken together in light of the customer’s investment profile, and does not place the financial interests of the broker-dealer or registered representatives ahead of the interests of the customer.

Although the care obligation requires broker-dealers and registered representatives to consider and disclose to their customers the fees and costs involved, this is not the only criterion. The SEC recognizes that the cheapest product is not always the best product.

In addition, Reg. BI specifically applies not only to the recommendation of an individual security, but to the selection of an account as well. As the SEC has announced, Reg. BI is relevant to “whether clients were put in the right kind of accounts—brokerage or advisory—and whether they received sound advice on rolling over retirement funds from a 401K to an individual retirement account.”[6] Thus, a broker who recommends that a customer open an advisory account, as opposed to a brokerage account (or vice-versa), should be able to articulate how that choice of account benefits the customer. This is important for long-term buy-and-hold customers, who might not benefit from an advisory account, which would typically be charged an annual management fee of a percentage of assets under management. For example, imagine a hypothetical customer with a buy-and-hold investment strategy who is charged an annual management fee of one percent in an account that has no transactions of any nature for a period of five years. In this example, charging a customer an annual fee for reviewing and monitoring an account that sees little or no activity might be tantamount to “reverse churning” and might not pass muster under Reg. BI or, for that matter, the 1940 Act. The firm should be able to document and defend the reasonableness of its account selection recommendations.

Conflicts of Interest

Under Reg. BI, conflicts of interest must be disclosed and, if possible, mitigated. Thus, sales contests and quotas pegged to individual products or house products are unlikely to pass regulatory muster and could invite arbitration claims under the new regime. The whole purpose of Reg. BI of course is to place the customer’s interest above that of the broker, so registered representatives should be mindful of the obligation to place the customers’ interest above their own and to document and mitigate any potential conflicts. As mentioned, this principle should apply to sales quotas, sales contests, sales of proprietary products, and any consideration, such as bonuses or trips, offered by product issuers or underwriters.

Although disclosure of specific compensation amounts is not required, full and fair disclosure may require disclosure of the general magnitude of the compensation with respect to conflicts of interest. In this regard, a firm should consider whether to disclose its promissory notes to brokers and whether those promissory notes contain performance standards or “bogeys” that could also contribute to conflicts of interest. In addition, the firm should be able to show that it considered reasonably available alternatives to the products that were actually recommended, and that it can document that these alternatives were considered.

Compliance Obligations

FINRA member firms will be tested upon their compliance with the new regulations, especially in the first months. Firms should promptly begin preparing their Reg. BI written disclosure document and Form CRS/ADV 3 and educating their brokers on how and when to make disclosures to customers. In addition, FINRA member firms should write and implement policies and procedures and sales practice and supervisory manuals designed to ensure compliance with the regulations, and reach out to brokers in the field to educate them on the new requirements. Showing that their field brokers have been educated on the new regulations will help show the firms’ good-faith compliance.

Roadmap for Claimant’s Counsel?

Will the new requirements of Regulation Best Interest and Form CRS serve as a roadmap for claimants’ lawyers looking to bring additional arbitration claims? The answer is probably “yes.” No individual or organization is perfect, and imposing additional regulatory requirements on broker-dealers simply increases the risk that the firm will make one or more mistakes. Under the current suitability rule, claimants’ lawyers are already looking for conflicts of interest and failures to disclose, which they are more than happy to bring to the attention of regulators or arbitrators. Under the new regulations, these arguments will have the force and weight of law.

In many of the securities arbitrations we have seen, the claimants’ lawyers spend a lot of time and energy arguing that the respondent broker should be subject to a fiduciary standard. Those fights will be largely but not entirely obviated by Reg. BI. Now, the existing regulations effectively place the burden upon the broker to articulate why the recommendation was in the customers’ best interest. Moreover, the regulations expressly require the firm to consider other reasonable alternative investments that were available at the time of the recommendation. This will also increase the burden on the firm to justify the reasonableness of its recommendations. Although new Regulation Best Interest has increased the burden on registered broker-dealers, the new burden is not insurmountable. Rather, with thoughtfulness, compliance, and adequate education of their brokers, broker-dealers can bring their registered representatives into compliance with the new regulation. Under Reg. BI, it is important for brokers to contemporaneously document the reasons for their recommendations, the alternatives they considered, and why their recommendations serve the customers’ best interests.

† Barry R. Temkin is a partner at Mound Cotton Wollan & Greengrass LLP, with offices in New York, New Jersey, Florida, Texas, and California. He is also an adjunct professor of law at Fordham University School of Law, where he teaches courses on securities regulation and broker-dealer regulation. Cynthia L. King is a principal of the Law Offices of the Cynthia L. King, and former regional counsel for NASD District 3 in Denver, a position she held for 10 years. Mitchell Markarian is an attorney admitted to practice in New York, a graduate of New York Law School, and a claims professional at OneBeacon Insurance. The views expressed in this article are those of the authors alone, and not those of Mound Cotton, Fordham, OneBeacon, or FINRA.

[1] See Regulation Best Interest: The Broker Dealer Standard of Conduct, 84 Fed. Reg. 33, 318, 17 C.F.R. §240.

[2] 15 U.S.C. § 80b.1 et seq. (1990).

[3] See FINRA Reg. BI Form CRS Firm Checklist.

[4] Id.

[5] See FINRA Rule 2111, “Suitability.”

[6] Mark Schoeff, Jr., Reg. BI Test: Reasonableness, Investment News, Jan. 6, 2020, at 18.

Canadian entrepreneurs often look to the United States for the future financial prospects of their startups, primarily through development funding from angel investors and venture capitalists or a transformative exit deal with a larger acquirer. This reality raises the stakes on a key initial corporate decision of where to start their company, and can cause Canadian entrepreneurs to wonder whether they are better off incorporating in the United States.

On one hand, nine of the 10 largest Canadian venture capital financings in 2018 included direct investments from one or more U.S. venture capitalists, indicating that jurisdiction of incorporation does not impede the northbound flow of capital. Canada also offers attractive personal and corporate tax benefits to Canadian technology startups and their resident shareholders, the most notable of which are refundable tax credits for research and development activities that can be critical to a company in its initial development stages.

On the other hand, founders and early-stage investors are sometimes concerned that incorporating in Canada carries a negative perception bias in the U.S. market and that tax issues may limit opportunities for future cross-border financings or exits. Even if a founder is comfortable that a certain structure works in a tax-efficient way today, the rules could (and often do) change, rendering an established structure ineffective or inefficient.

Although any potential deal drag from an initial Canadian incorporation can generally be overcome (for example, by setting up a U.S. subsidiary, establishing sister companies on both sides of the border, or implementing an exchangeable share structure), the available solutions may be viewed by Canadian founders and shareholders, as well as U.S. investors and acquirers, as too complex and costly to implement or too likely to cause unwanted distraction or diversion of focus. The ultimate question here is: will the generous but likely short-term tax benefits available from the Canadian government frustrate a subsequently successful startup’s ability to fund its longer-term future growth?

We discuss the potential upside and downside of these choices. Is it ever in a founder’s interest to forgo “free money” in the form of refundable tax credits in Canada in hopes of facilitating smoother access to the U.S. capital and exit markets? Or is the Canadian tax regime for technology startups just too tempting to pass up? 

Upside Benefits

1. Canadian-Controlled Private Corporations

The principal advantage of incorporating in Canada are the incentives offered by the Canadian government to Canadian-controlled private corporations (CCPCs) for scientific research and experimental development (SR&ED) activities. Under the Canadian federal SR&ED program, CCPCs are eligible to receive refundable income tax credits at a 35-percent rate on qualified SR&ED expenditures, up to a maximum expenditure limit of C$3 million. In certain circumstances, qualifying SR&ED expenditures could be higher than the amount actually incurred for the purposes of the income tax credit. For example, a C$100 qualifying expenditure could be considered a qualifying expenditure of C$155 for the purposes of the federal tax credit, which would allow the corporation to benefit from a credit of approximately C$55 (or 35 percent of C$155). Where the refundable income tax credits exceed the taxes payable for the year, a qualifying CCPC is entitled to receive a cash refund from the Canadian government. As such, the cost of carrying on SR&ED activity in Canada could be significantly reduced by the SR&ED income tax credit incentives.

Key threshold questions for any founder, then, are whether the company is a CCPC and whether it qualifies for the SR&ED credit.

A CCPC is a corporation incorporated provincially or federally in Canada that is not “controlled” (in law or in fact) by one or more nonresidents of Canada or public companies. Practically speaking, and absent extenuating circumstances, startup technology companies with a majority of Canadian resident founders will have CCPC status.

Qualifying SR&ED expenditures include basic and applied research and experimental development costs for technological advancement for the purpose of creating new or improving existing materials, devices, products, or processes. For qualifying companies with a low amount of revenue and research and development expenses, these benefits can significantly aid in the viability of a company, particularly in its initial stages.

In considering the value of this benefit, founders and investors should be mindful that company growth can impair the availability of the SR&ED credit. Generally, taxable income above C$500,000 and taxable capital above C$10 million in a prior year can begin to reduce the availability of enhanced and refundable SR&ED credits available to a company.

Other benefits to qualifying as a CCPC include:

• Lower corporate tax rates on the first C$500,000 of active business income.
• Beneficial tax treatment for Canadian resident shareholders on the sale of shares of certain CCPCs, including (i) a one-time capital gains exemption (C$883,384 for 2020); and (ii) deferral of capital gains realized if the proceeds from the sale are reinvested in another CCPC, in each case, provided certain conditions are met.
• Beneficial tax treatment for certain Canadian resident arm’s-length employees on the exercise of options, including (i) a tax deferral until the employee disposes of the underlying shares (in contrast to non-CCPC options where the taxable benefit is realized at the time of exercise); and (ii) a deduction representing 50 percent of the benefit derived from the options on the sale of the underlying shares (even if the options were not granted at fair market value), provided the employee has held the shares for at least two years from the date of exercise (in contrast to non-CCPC options, which would only be eligible for the 50-percent deduction where the options were awarded with a fair market value exercise price).

As a result of these benefits, CCPC eligibility may well be the determining factor on where to establish the company. In fact, U.S. investors that are aware of these benefits may expect that any Canadian tech startup in which they are investing take advantage of, and maintain, CCPC eligibility as long as possible. Further, where Canadian resident founders have made the initial decision to incorporate their company in the United States, but come to realize that many of their R&D activities would be “SR&ED eligible,” it is not uncommon for such companies to look at options for reorganizing into a Canadian-based structure; however, these cross-border reorganizations involve additional cost and complexity, as explored further below.

2. Foreign Investment

The tax efficiency of investing in Canada has been made all the more important since tax barriers formerly placed on nonresident investors were removed. Previously, U.S. investors were subject to significant impediments to disposing of a cross-border investment by the Canadian tax regime, primarily in the form of requirements to apply for and obtain clearance certificates from the Canadian tax authorities, failing which large withholding requirements would be imposed on buyers. These barriers meant that most foreign investment (i) was done either through tax-favorable jurisdictions or countries that had entered into tax treaties with Canada to facilitate obtaining tax clearance certificates; or (ii) required the Canadian target to implement a share exchange structure (discussed below) or reorganize as a U.S. corporation. The removal of these barriers, which was brought about largely through advocacy efforts by U.S. investors, has made it much easier for Canadian startups to attract U.S. capital. This has permitted founders to focus on CCPC eligibility as the key determining factor on where to incorporate.

3. NVCA Documents

Practice has evolved over the past 10 years such that emerging companies in Canada are now commonly implementing National Venture Capital Association (NVCA)-style documents with which U.S. investors are familiar, but which have been modified to work in Canadian jurisdictions. This change has effectively eliminated a legal distinction that had given some U.S. investors pause when they considered investing in Canadian startups.

As a baseline, the corporate statutes in most Canadian jurisdictions, and certainly federally and in Ontario, are “modern” corporate statutes that reflect Delaware corporate law principles. Nevertheless, there are certain differences, such as the scope of fiduciary duties of the board, changes triggering class votes, shareholder consent requirements, and the availability of the oppression remedy that continue to distinguish the jurisdictions. The Canadian NVCA-styled documents are designed to harmonize the differences between Canadian corporate law and Delaware corporate law through contractual agreement. For example, many Canadian technology companies will provide for unanimous shareholder consent on written instruments and enumerate certain changes triggering class votes. They also address U.S. tax considerations that arise in connection with the ownership of a foreign corporation (e.g., PFIC and CFC rules). U.S. investors are familiar with and understand these documents, which leads to increased confidence and streamlined processes when looking for potential investments in Canada.

Downside Risks

Given the compelling CCPC benefits, what might make a forward-thinking or risk-averse founder consider incorporating in the United States?

1. Uncertain Withholding Regime?

First and foremost, any cross-border investment is inherently complex and comes with certain risks. This is because any investor or acquirer of a foreign business must first ask, “Can I get my investment back in a way that is tax efficient?” For example, will that investor be able to receive dividends or distributions from its investment without large withholding requirements? Will a non-U.S. acquirer be able to successfully integrate cash flows and efficiently manage the target in its existing structure? Are the entities able to share intellectual property and other facilities across the border? If the value created from the investment or acquisition cannot be taken out of the target company’s home jurisdiction in a meaningful way, the transaction may not be worth doing. This risk is amplified by the fact that most potential tax impediments apply when the foreign party is exiting from the investment (e.g., on sale of the shares), rather than at the time that the investment is made. This means that both the company and the investors must have confidence in the future tax regime between the applicable jurisdictions.

Canada and the United States are no exception to this. As mentioned above, prior to 2010, certain barriers were imposed on foreign investors of Canadian companies that resulted in many investors investing through other jurisdictions or not at all. Although these barriers have since been removed, there is no guarantee that the more tax-efficient regime will be permanent or that similarly efficient rules will stay in place. For example, U.S. tax reform (which occurred in late 2017) injected a great deal of uncertainty into the market for U.S. venture capital and private equity investment in non-U.S. portfolio companies when, as part of that overhaul, the U.S. government introduced the novel Global Intangible Low-Taxed Income (GILTI) tax regime. The GILTI rules, as enacted in the Internal Revenue Code, would have had a materially negative and disruptive impact on the U.S. taxation treatment of foreign investment by certain U.S. investors by effectively accelerating the taxation of foreign income and thereby creating a new and pervasive form of “phantom” income. Fortunately, the scope of the GILTI rules was substantially scaled back by Treasury Regulation issued in June 2019, but for this largely unanticipated and unexpected regulatory restraint imposed on the GILTI rules, the GILTI regime would have created significant issues for U.S. investors in foreign corporations, and Canadian startups would have certainly felt that effect. Thus, although current tax regimes support foreign investment in Canadian corporations, these recent tax considerations demonstrate that it is possible this may not be the case in the future.

2. Lack of Rollover Treatment

For forward-thinking founders, another consideration is the tax issues that can arise when a Canadian company is acquired by a foreign corporation. This is predominantly relevant where an acquirer wants to satisfy part (or in some cases, all) of the purchase price with its own shares—a common acquisition structure for technology companies. In Canada, shareholders of a target company are entitled to defer the taxes owing on consideration shares in a stock-for-stock deal until those shares are sold. This rollover treatment is not available, however, where the shares of a Canadian target are exchanged for shares of a foreign company.

This means that in cross-border, stock-for-stock deals, Canadian shareholders can be left with a tax bill without having received any cash to pay it. This can be particularly problematic for Canadian residents who have material accrued gains on their shares. Alternatively, in the face of objections from the Canadian shareholders to what is effectively a lower net-per-share price, the acquirer may not be able to use its equity for all or a portion of the purchase price, which could limit the universe of potential buyers to those who can pay with cash.

This risk to the buyer pool leads founders and investors to consider the longer-term impact on the location of incorporation of a company. To avoid the risk of impairing an exit deal with a U.S. buyer offering shares as consideration, or having no deal at all due to a diminished buyer pool, a founder may consider starting as a U.S. entity.

3. Is An Exchangeable Share Structure the Solution?

One thing to bear in mind when considering the above-noted exit risk (i.e., the risk that a startup’s Canadian shareholder base will object to a share-for-share exit deal involving a buyer’s U.S. shares due to lack of rollover treatment) is the complexity of the common “fix” to this risk. In what is often referred to as an “exchangeable share” structure, the U.S. acquirer will set up a Canadian corporation and authorize a class of exchangeable shares to be issued as consideration to the Canadian holders of the target shares. The exchangeable shares are meant to replicate the rights of the shares of the U.S. acquirer as much as possible, including the right to receive dividend payments in the same amount declared on the acquirer shares, the rights to receive acquirer shares on certain liquidity events, and the right to exchange the Canadian shares for acquirer shares on demand.

Although this is an effective and somewhat commonly used solution in a deal that would otherwise not result in rollover treatment for Canadian resident shareholders, it is complex and costly to implement. Furthermore, the lack of understanding of these structures by the companies involved, as well as by their shareholders and counsel, can lead to confusion during and after the acquisition. This typically arises when the shareholders attempt to sell or exercise other rights with respect to their exchangeable shares. Unfortunately, this means that the common fix is not always an effective solution.

4. Other Issues

Finally, a company may want to consider other factors, such as government grants that are only available to companies incorporated in the United States (e.g., the Small Business Innovation Research and Small Business Technology Transfer programs offered by the U.S. government); the location of its employees, customers, and suppliers; and whether the company intends to eventually move operations to the United States. Although each of these factors may not carry sufficient weight to give up tax benefits offered to CCPCs, particularly at the incorporation stage, they are worthwhile considerations at the outset given the difficulty, or in certain cases impossibility, of changing the jurisdiction of a company down the line.

5. Alternative Startup Structure

An alternative, which may be more appropriate where the startup is likely to have SR&ED-qualifying expenses but may not be or remain controlled by Canadians, is to implement what is known as a “SR&ED structure.”

A SR&ED structure is used where the operations of a business are run out of the United States, but the research and development activities are carried out in Canada by a corporation that qualifies as a CCPC. Various considerations between the relevant stakeholders must be carefully considered in these arrangements, including putting in place the requisite corporate and commercial protections.

In the appropriate circumstances, this type of dual arrangement can allow investors in a U.S. startup to benefit from Canada’s favorable SR&ED incentives, but these structures are complex and costly to implement and administer (e.g., consultation with legal and tax advisors is essential), which in some cases means these structures may not be a viable option for a startup without significant resources.

6. Corporate Migration Across the Canada-U.S. Border by a Continuance Can Be Complicated

An entity that wishes to migrate across the border can effect that change through a corporate restructuring or through the option of transferring its jurisdiction (known as a “continuance” under Delaware law) from Canada to the United States (or vice versa). Founders should be mindful, however, that a continuance can result in significant tax consequences in both Canada and the United States. Specifically, for Canadian tax purposes, the company continuing from Canada to the United States will be deemed to have disposed of all of its property at fair market value and will be required to pay income tax on the portion of its income and capital gain that is deemed to have been realized thereunder. In addition, the company must pay branch taxes equal to 25 percent of the excess of the fair market value of its assets over the total of the paid-up capital of its shares and outstanding debts. In addition, U.S. shareholders of the migrating Canadian company may be subject to current U.S. taxation in connection with the continuance (which is particularly unattractive, given that there is frequently no liquidity in connection with a continuance transaction).

In the other direction, when a U.S. corporation engages in a corporate law continuance out of the United States and into Canada, there is an important threshold question of whether that migration will accomplish any U.S. tax effect at all. More particularly, the U.S. anti-inversion rules are designed with the specific purpose of preventing corporate expatriation out of the United States. When applicable, these rules can apply to treat the continued corporation as if it remained a U.S. corporation for all U.S. federal income tax purposes (even though, as a corporate law matter, the redomiciled entity is a Canadian corporation). The anti-inversion rules are notoriously complex and, by way of summary, make it difficult for a U.S. corporation to successfully expatriate to a non-U.S. jurisdiction, unless the corporation has “substantial business activities” (i.e., substantial income, assets, and employees) in the new foreign jurisdiction. If the U.S. corporation expatriating to Canada falls victim to the U.S. anti-inversion rules, it will be in the unenviable situation of concurrently being treated as a U.S. corporate taxpayer for U.S. tax purposes and a Canadian corporate taxpayer for Canadian tax purposes. For some corporations, this dual status can be managed, but for many others it is unworkable.

Even if the expatriating U.S. corporation is able to avoid the application of the anti-inversion rules, the continuance itself may carry hefty U.S. taxation. In particular, the continuance: (i) is likely to trigger corporate-level tax for the U.S. corporation (i.e., the continued U.S. corporation would be subject to U.S. federal income tax, currently at a rate of 21 percent, on the built-in gain (if any) in its assets at the time of continuance); and (ii) is generally taxable for U.S. shareholders of the continuing corporation if they have built-in gain in their shares of the U.S. corporation at the time of the continuance. In some cases, these issues can be managed through structuring or otherwise, but the process of systematically identifying and addressing the relevant tax issues can make the migration a complicated (and costly) undertaking.

Conclusion

For Canadian startup companies with anticipated research and development expenses, particularly in its initial years, incorporating in Canada to take advantage of the tax advantages offered by the Canadian government makes a lot of sense.

Alternatively, if an entrepreneur with sufficient resources for legal costs anticipates both operating in the United States and qualifying for CCPC status, it may be worth considering alternate arrangements that can still preserve certain benefits of Canada’s SR&ED regime.

On the other hand, even though the tax regimes in Canada and the United States have been supportive of cross-border investment over the past decade, an entrepreneur who anticipates acquisition by a U.S. company, particularly in the near term, may choose a different path. The entrepreneur may choose to forego the potential upfront tax incentives offered by the Canadian government’s SR&ED credits and proceed by incorporating in the United States in a bid to ensure the widest universe of potential buyers and eliminate the possible need to rely on complex exit mechanics, such as exchangeable share structures, which might impair an otherwise smooth exit transaction.

Incorporating in Canada is a viable and often compelling option, but there is no “one size fits all” solution, and savvy founders are advised to consider the issues so that they can make an informed decision.

The Fair and Accurate Credit Transactions Act (FACTA), 15 U.S.C. § 1681 et seq., prohibits merchants from including, among other information, credit- and debit-card expiration dates on printed receipts.* See 15 U.S.C. § 1681c(g)(1). After this provision originally became effective in 2004, plaintiff class-action firms flooded courts with expiration date lawsuits, which courts and others “met with varying degrees of contempt.” Sieber v. Havana Harry’s, 604 F. Supp. 2d 1368, 1369 (S.D. Fla. 2009).

Congress eventually amended FACTA in 2008 to include findings that the presence of credit- and debit-card expiration dates on printed receipts does not increase a consumer’s risk of identity theft. See Pub. L. No. 110-241, § 2(a)(6). Due in large part to Congress’s 2008 clarification, most federal circuits now hold that FACTA expiration date claims fail to allege the bare minimum injury in fact needed for federal courts to exercise jurisdiction. See, e.g., Meyers v. Nicolet Rest. of De Pere, 843 F.3d 724, 727–28 (7th Cir. 2016). Nevertheless, plaintiffs continue to file these claims in state court to avoid this federal jurisdictional bar. Although some question whether Congress can allow plaintiffs to bring federal claims in state court that they could not bring in federal court, most FACTA expiration date claims should in any event fail on the merits.

If a FACTA plaintiff suffers no actual damages, then he or she must demonstrate willful noncompliance to recover statutory or punitive damages, which entitles his or her attorneys to recover their reasonable fees. See, e.g., 15 U.S.C. §§ 1681o, 1681n. Willfulness under FACTA requires either known or reckless misconduct. See, e.g., Safeco v. Burr, 551 U.S. 47, 57 (2007). Given that few, if any, merchants would truncate the card number but leave the expiration date just to flout the will of Congress, most FACTA expiration date claims do not implicate the voluntary, intentional, or deliberate misconduct needed to show known violations. See, e.g., Howard v. Hooters, No. H-07-3399, 2008 U.S. Dist. LEXIS 30776 *3 (S.D. Tex. Apr. 5, 2008). Thus, liability typically hinges on whether the merchant’s noncompliance can qualify as reckless, i.e., whether the merchant disregarded an unjustifiably high risk of harm to the consumer. See Vidoni v. Acadia, No. 11-cv-448, 2012 U.S. Dist. LEXIS 59967 *6–*16, 2012 WL 1565128 (D. Maine Apr. 27, 2012).

Plaintiffs cannot as a matter of law demonstrate that a merchant’s alleged FACTA violation disregarded an unjustifiably high risk of harming consumers if Congress specifically found that the alleged violation by itself does not increase the risk of harm to consumers. See, e.g., Vidoni, 2012 U.S. Dist. LEXIS 58867, *15. Accordingly, where a plaintiff can only allege that the merchant included a credit- or debit-card expiration date on a printed receipt, without more, courts should dismiss willful noncompliance claims under FACTA with prejudice at the pleading stage.

FACTA and the Clarification Act

In 2003, Congress enacted FACTA as an amendment to the Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681 et seq., “in response to what it considered to be the increasing threat of identity theft.” Meyers, 843 F.3d at 725. FACTA requires merchants to truncate all but the last five digits of a consumer’s credit or debit card on electronically printed receipts. See 15 U.S.C. § 1681c(g)(1). The merchant must also truncate the card’s expiration date. Id. Negligent noncompliance allows consumers to recover actual damages. See 15 U.S.C. § 1681o. If consumers do not suffer actual damages, then they must show willful noncompliance to recover statutory or punitive damages. See 15 U.S.C. § 1681n.

Congress provided merchants a safe-harbor period to comply with FACTA’s requirements, setting December 4, 2004, as the earliest possible date the act would subject merchants to potential liability. See, e.g., 15 U.S.C. § 1681n(g)(3). “Almost immediately after Congress’ deadline for compliance with FACTA’s substantive provisions, scores of class action lawsuits were filed—many against small businesses.” Sieber, 604 F. Supp. 2d at 1369. “These suits were met with varying degrees of contempt from district courts, the national business lobby, and Congress.” Federal courts “bemoan[ed] the destructive effects” of these types of claims, and they “characteriz[ed] the many FACTA class actions as a great waste of judicial time and effort.” (Quotations omitted.)

Notably, all federal circuits to have expressly considered the issue now refuse to even hear class-action lawsuits alleging that merchants printed credit- and debit-card expiration dates on receipts, without more, because they find the allegations insufficient to establish the bare minimum injury needed to give federal courts standing to consider the dispute. See, e.g., Jeffries v. Volume Servs. Am., 928 F.3d 1059, 1066 (D.C. Cir. 2019) (circuit courts “have unanimously concluded that a FACTA violation based solely on a failure to truncate an expiration date does not qualify as a concrete injury in fact”). Accordingly, some plaintiff class-action firms are bringing these “great waste[s] of judicial time and effort” to state courts instead.

In 2008, responding to “a spate of lawsuits against merchants who printed receipts showing credit card expiration dates,” Congress passed the Credit and Debit Card Receipt Clarification Act (Clarification Act). Basset v. ABM Parking, 883 F.3d 776, 778 (9th Cir. 2017). The Clarification Act found that “[e]xperts in the field agree that proper truncation of the card number, by itself . . . regardless of the inclusion of the expiration date, prevents a potential fraudster from perpetrating identity theft or credit card fraud.” Pub. L. No. 110-241, § 2(a)(6). It therefore amended FACTA “to ensure that consumers suffering from any actual harm to their credit or identity are protected while simultaneously limiting abusive lawsuits that do not protect consumers but only result in cost to business and potentially increased prices to consumers.” Id. § 2(b).

More specifically, Congress added the following provision to the section governing civil liability for willful noncompliance:

For the purposes of this section, any person who printed an expiration date on any receipt provided to a consumer cardholder at a point of sale or transaction between December 4, 2004, and June 3, 2008, but otherwise complied with the requirements of section 1681c(g) of this title for such receipt shall not be in willful noncompliance with section 1681c(g) of this title by reason of printing such expiration date on the receipt.

15 U.S.C. § 1681n(d). Congress did not amend the substantive language governing FACTA’s truncation requirements for electronically printed receipts. See 15 U.S.C. § 1681c(g).

Congress Amended FACTA to Limit Abusive Lawsuits and Protect Small Businesses

The Clarification Act did not remove FACTA’s requirement that merchants redact credit- and debit-card expiration dates. See 15 U.S.C. § 1681c(g)(1). When passing the bill, individual members of Congress confirmed that the Clarification Act “does not eliminate a business’s obligation to . . . redact the expiration dates from its receipts” and “[g]oing forward, companies will still have to meet the same strict rules Congress originally passed.” 154 Cong. Rec. E925, 925 (May 14, 2008); 154 Cong. Rec. S4439, 4440 (May 20, 2008). Nevertheless, the Clarification Act’s express findings cast substantial doubt on whether printing expiration dates alone can constitute willful misconduct. See Pub. L. No. 110-241, § 2(a)(6).

As one federal court explained: “the Clarification Act reflects Congress’ view that FACTA went too far in subjecting small businesses to potentially crippling class action lawsuits where only an expiration date was printed on an otherwise redacted credit card receipt.” Sieber, 604 F. Supp. 2d at 1371. Thus, as another federal court recognized, “the statute changed the type of relief one can obtain when a merchant fails to redact the expiration date from a credit card receipt but otherwise complies with FACTA.” Barbieri, 2009 U.S. Dist. LEXIS 9309, *14. “Before the Clarification Act, the failure to redact the expiration date could constitute a willful violation; however, after the Clarification Act, it cannot (provided that the other provisions of FACTA are followed).” Id. at *10.

Some federal district courts construe the Clarification Act’s date ranges to suggest that Congress only meant to extend its original safe-harbor period to June 3, 2008, meaning that failing to truncate the expiration date after June 3, 2008, can still possibly constitute willfulness under FACTA. See, e.g., Hepokoski v. Brickwall of Chicago, No. 09 C 611, 2009 U.S. Dist. LEXIS 122389 *8, 2009 WL 5214311 (Sept. 22, 2009). They find that any reading extending the Clarification Act’s amendment beyond June 3, 2008, renders inclusion of the June 3, 2008 date superfluous. Id. Importantly, however, these interpretations ignore the impact of the Clarification Act’s findings and stated purpose, and many state courts do not consider district court opinions controlling, even on matters of federal law. See, e.g., State v. Burnett, 93 Ohio St. 3d 419, 424 (2001); Pacific Shore Funding v. Lozo, 138 Cal. App. 4th 1342, 1352 (2d Dist. 2006).

As noted, Congress amended FACTA to protect small businesses from “potentially crippling class action lawsuits where only an expiration date was printed.” Sieber, 604 F. Supp. 2d at 1371. It seems unlikely that Congress intended the Clarification Act to merely delay abusive lawsuits from crippling small businesses until after the amendment went into effect. It more likely intended the opposite. If Congress meant for the Clarification Act to continue allowing FACTA plaintiffs to cripple small businesses that only printed an expiration date, then it would not have specified that “[t]he purpose of this Act is to ensure that consumers suffering from any actual harm to their credit or identity are protected while simultaneously limiting abusive lawsuits that do not protect consumers but only result in increased cost to business.” Pub. L. No. 110-241, § 2(b).

Relatedly, FACTA specifically allows federal regulatory agencies and state attorneys general to enforce the statute outside the civil liability provisions for private litigants. See 15 U.S.C. § 1681s. In other words, Congress’s decision to protect merchants from expansive liability for conduct creating no risk to consumers does not relieve merchants from their obligation to redact expiration dates. Rather, it prevents consumers never exposed to even a possible risk of harm from initiating private litigation to recover small awards for statutory damages so their attorneys can seek large awards for fees. Nothing in FACTA indicates that Congress intended the statute as a fund-raising mechanism for private attorneys. See Batra v. RLS Supermarkets, No. 16-cv-2874-B, 2017 U.S. Dist. LEXIS 125877 *10, 2017 WL 3421073 (N.D. Tex. Aug. 9, 2017) (“While Congress undoubtedly hoped that FACTA would reduce identity theft, it does not follow that Congress contemplated private actions by individuals who have not sustained any actual harm.”) (internal quotations omitted).

Typical Allegations in Expiration Date Claims Cannot Constitute Willfulness

FACTA expiration date claims typically include mostly the same allegations: (1) that merchants had substantial time to comply with the requirements after the act’s effective date; (2) that FACTA’s obligations received widespread public attention, including through guidance issued by regulatory agencies, trade associations, and similar organizations; (3) that major credit-card companies ordinarily incorporate FACTA’s requirements into their contracts with merchants; and (4) that most businesses know about and follow the law. See, e.g., Vidoni, 2012 U.S. Dist. LEXIS 58867, *4–*5; Seo v. CC CJV Am. Holdings, No. CV 11-05031, 2011 U.S. Dist. LEXIS 120246 *4–*5, 2011 WL 4946507 (C.D. Cal. Oct. 18, 2011); Gardner v. Appleton Baseball Club, Inc., No. 09-C-705, 2010 U.S. Dist. LEXIS 31653 *9, 2010 WL 1368663 (E.D. Wis. Mar. 31, 2018); Rosenthal v. Longchamp Coral Gables, 603 F. Supp. 2d 1359, 1361 (S.D. Fla. 2009).

Before most circuits confirmed that FACTA expiration date claims do not allege sufficient injury to implicate Article III jurisdiction, district courts split on whether these allegations alone could withstand motions to dismiss. Compare Komorowski v. All-American Indoor Sports, No. 13-2177, 2013 U.S. Dist. LEXIS 125747, 2013 WL 4766800 (D. Kan. Sept. 4, 2013) with Lavery v. Radioshack, No. 13-cv-5818, 2014 U.S. Dist. LEXIS 85190, 2014 WL 2819037 (N.D. Ill. June 23, 2014). However, a careful reading of the Clarification Act, along with Congress’s express findings and statement of purpose, suggests that electronically printing expiration dates on credit- and debit-card receipts cannot, by itself, constitute willfulness as a matter of law.

Knowing Violations Require Voluntary, Intentional, or Deliberate Conduct

Willfulness under FACTA requires not only that the merchant knew about the act, but that it “voluntarily or intentionally violated it.” Vidoni, 2012 U.S. Dist. LEXIS 59967, *9. “Merely being aware of a statute [ ] is insufficient to state a claim for willfulness.” Id. *11. Plaintiffs must also allege “a voluntary, deliberate, or intentional violation.” Id. See also Howard, 2008 U.S. Dist. LEXIS 30776, *2 (“To have willfully violated the statute, [the defendant] must have knowingly or recklessly disregarded it, purposefully exposing its customers to identity theft.”).

The typical FACTA expiration date allegations cannot support the voluntary, deliberate, or intentional misconduct required for knowing violations. Some courts have found knowing violations based on additional allegations, such as: (1) the merchant disregarding recommendations from a third-party contractor hired to ensure FACTA compliance; (2) the merchant choosing not to update its systems to avoid incurring the additional expense of reprogramming its machines; and (3) the merchant having been named in previous FACTA lawsuits alleging the same violations. Bouton v. Ocean Props., 201 F. Supp. 3d 1341, 1350 (S.D. Fla. 2016); Zaun v. Tuttle, No. 10-2191, 2011 U.S. Dist. LEXIS 47916 *5–*6, 2011 WL 1741912 (D. Minn. May 4, 2011); Steinberg v. Stitch & Craft, No. 09-60660, 2009 U.S. Dist. LEXIS 72908 *6–*7, 2009 WL 2589142 (S.D. Fla. Aug. 18, 2009). However, most plaintiffs bringing FACTA expiration date claims must rely on the merchant’s alleged recklessness to establish willfulness.

Recklessness Requires Risk of Harm

“To sustain a claim for recklessness [under FACTA], the Plaintiff is required to allege that the Defendant disregarded an ‘unjustifiably high risk of harm’ to its customers by failing to omit expiration dates from its receipts.” Vidoni, 2012 U.S. Dist. LEXIS 59967, *15 (quoting Safeco, 551 U.S. at 68). Multiple federal courts to have examined the issue conclude that a merchant cannot disregard an unjustifiably high risk of harm by printing expiration dates on its receipts because Congress specifically found that printing the expiration date, without more, creates no risk of harm, much less an unjustifiably high one. Id. See also, e.g., Gardner, 2010 U.S. Dist. LEXIS 31653, *17 (noting based on the Clarification Act that “it is far more likely that the violation was merely negligent, if even that”); Rosenthal, 603 F. Supp. 2d at 1362 (agreeing with argument that “the mere allegation that Defendant failed to delete the expiration date cannot by itself establish a willful reckless violation of the statute”).

Federal courts mostly agree that FACTA can create liability for willful violations even where no actual harm occurs. See, e.g., Ramirez v. Midwest Airlines, 537 F. Supp. 2d 1161, 1168 (D. Kan. 2008). Nonetheless, the U.S. Supreme Court confirms that recklessness requires “an unjustifiably high risk of harm that is either known or so obvious that it should be known.” Safeco, 551 U.S. at 68 (emphasis added). See also Gardner, 2010 U.S. Dist. LEXIS 31653 *17 (“given the fact that no additional protection of the consumer is achieved by deleting the expiration date, it can hardly be said that its action ‘entail[ed] an unjustifiably high risk of harm that is either known or so obvious that it should be known’”) (quoting Safeco).

Thus, the issue is not whether printing the expiration date actually harms the consumer; Congress itself confirmed that it cannot. See Pub. L. No. 110-241, § 2(a)(6). The issue is whether printing expiration dates creates even the possibility of harm to the consumer, i.e., whether the merchant ignores an unjustifiably high risk of known or obvious harm. See, e.g., Safeco, 551 U.S. at 68. It does not. See, e.g., Vidoni, 2012 U.S. Dist. LEXIS 59967, *15; Gardner, 2010 U.S. Dist. LEXIS 31653 *17; Rosenthal, 603 F. Supp. 2d at 1362.

FACTA’s Statutory Structure Requires a Risk of Harm

Some federal courts have rejected the risk of harm component of recklessness under FACTA. See, e.g., Ramirez, 537 F. Supp. 2d at 1169. For example, before Congress enacted the Clarification Act, at least one district court determined that “it is the reckless disregard of statutory duties (not harm) that makes a violation willful.” Id. However, such opinions improperly ignore FACTA’s statutory structure for civil liability. See 15 U.S.C. §§ 1681n, 1681o.

Under FACTA, negligently failing to comply with statutory requirements subjects an actor to liability for a consumer’s actual damages. See 15 U.S.C. § 1681o. In contrast, willfully failing to comply can subject the actor to liability for statutory and punitive damages even without actual damages. See 15 U.S.C. § 1681n. This statutory structure makes rational sense when viewed in the context of the act’s purpose to mitigate the risk of identity theft and credit-card fraud. See Pub. L. No. 110-241, § 2(a)(1) (FCRA’s purpose is to restrict “access to consumers’ private financial and credit information in order to reduce identity theft and credit card fraud.”).

For instance, if an actor negligently violates a statutory duty under FACTA in a way that could pose a risk to a consumer (i.e., unreasonably creates a risk of identity theft or credit-card fraud) then the statute makes the actor liable for the actual damages from any harm caused to the consumer. See, e.g., 15 U.S.C. § 1681o. If an actor willfully violates a statutory duty in a way that could pose a risk of harm to a consumer (i.e., knowingly or recklessly creates an unjustifiably high risk of identity theft or credit-card fraud), then the statute makes the actor liable for statutory and punitive damages regardless of whether the consumer suffered any actual injury. See, e.g., 15 U.S.C. § 1681n. This system of increasing civil liability makes intuitive sense.

However, if the analysis removes the requirement for some degree of consumer risk, the system no longer makes intuitive sense. Without consumer risk of harm, technical statutory violations that do not create any risk and cannot cause any harm, but are deemed “willful,” would expose small businesses to liability for statutory and even potentially punitive damages while more serious substantive violations that cause harm, but are deemed merely “negligent,” would expose the same businesses to liability for only actual damages. See 15 U.S.C. §§ 1681n, 1681o. Courts should not interpret consumer protection statutes such as FACTA to compel such an absurd result. See, e.g., Jerman v. Carlisle, McNellie, Rini, Kramer & Ulrich, 559 U.S. 573, 600 (2010).

Relatedly, as discussed above, Congress amended FACTA’s civil liability provisions “to ensure that consumers suffering from any actual harm to their credit or identity are protected while simultaneously limiting abusive lawsuits that do not protect consumers.” Pub. L. No. 110-241, § 2(b). FACTA accomplishes this objective in part by increasing the level of liability for conduct based on different degrees of consumer risk. See 15 U.S.C. §§ 1681o, 1681n. Under an analysis that did not consider consumer risk, courts would determine liability, regardless of whether the lawsuit protects consumers, based solely on whether the merchant “willfully” created no threat of harm to consumers or just “negligently” created no threat of harm to consumers. Again, courts should not interpret consumer protection statutes like FACTA to compel absurd results. See Jerman, 559 U.S. at 600.

Put differently, even if the court asks whether the merchant recklessly disregarded “statutory duties (not harm),” as some courts may consider appropriate (see, e.g., Ramirez, 537 F. Supp. 2d at 1169), that question lacks any meaning without considering risk. What qualifies as “recklessly” disregarding a statutory duty to protect consumers if it does not require disregarding an unjustifiably high risk of harming consumers? Federal courts are clear that a merchant who implements an objectively reasonable policy that still fails to comply with the law only negligently violates the statute. See, e.g., Long v. Tommy Hilfiger, 671 F.3d 371, 376–77 (3d Cir. 2012). Thus, only an objectively unreasonable policy recklessly violates the statute. Id. See also Safeco, 551 U.S. at 69. So what constitutes an objectively unreasonable policy for truncating expiration dates?

In the context of FACTA expiration date claims, the merchant: (1) knows about expiration date truncation requirement and intentionally ignores it for some financial motive; (2) knows about the requirement and attempts to truncate the expiration date but fails; or (3) does not know about the requirement. No other possibilities exist.

Some courts consider the first situation, knowing about the truncation requirements and intentionally ignoring them for financial gain, to constitute a knowing violation. See, e.g., Zaun, 2011 U.S. Dist. LEXIS 47916, *5–*6 (denying motion for judgment on pleadings where defendant allegedly fired third-party compliance administrator who warned it to upgrade systems to comply with FACTA to save money). The second situation, knowing about the truncation requirement and attempting but failing to comply, would presumably constitute at most a negligent violation. See, e.g., Long, 671 F.3d at 377.

That leaves only the third situation, not knowing about the truncation requirement, to potentially qualify as reckless. However, a merchant who fails to implement a policy to truncate expiration dates because it did not know about the requirement necessarily does not implement an objectively unreasonable policy. It does not implement any policy at all.

Relatedly, if not knowing about the requirement qualified as reckless by itself, then a merchant’s potential liability would nonsensically bounce back and forth from liability for not knowing about its statutory duties, to effectively no liability for inadvertently failing to comply with known statutory duties, and then back to liability for intentionally ignoring known statutory duties. See, e.g., 15 U.S.C. §§ 1681n, 1681o. This ping-pong effect on potential liability lacks the same intuitive sense accompanying an interpretation that recognizes risk of harm as a component of recklessness.

Congress Did Not Create Civil Liability for All FACTA Violations

Moreover, removing consumer risk of harm from the willfulness analysis improperly imposes civil liability on merchants for all FACTA expiration date violations, despite Congress specifically limiting civil liability to only negligent or willful noncompliance. See 15 U.S.C. §§ 1681n, 1618o. See, e.g., Gardner, 2010 U.S. Dist. LEXIS 31653, *15 (if printing expiration dates alone constituted willfulness, then “every violation of the statute would be willful simply because it was a violation”) (emphasis in original).

As discussed above, FACTA expiration-date claims can only involve three possible scenarios: (1) the merchant knows about the expiration date truncation requirement and intentionally ignores it; (2) the merchant knows about the requirement and attempts to truncate the expiration date but fails; or (3) merchant does not know about the requirement. If the third scenario qualifies as reckless, then all expiration date violations invoke civil liability regardless of whether they are negligent or willful, directly contradicting FACTA’s plain statutory language.

Had Congress intended to impose civil liability for all FACTA violations in this way, it would not have specified different standards for negligent and willful noncompliance. See, e.g., Duncan v. Walker, 533 U.S. 167, 174 (2001) (court must “give effect, if possible, to every clause and word of a statute”). Instead, it would have just created civil liability for noncompliance and increased the potential damages for willful noncompliance. See Fish v. Kobach, 840 F.3d 710, 740 (8th Cir. 2016) (“When Congress knows how to achieve a specific statutory effect, its failure to do so evinces an intent not to do so.”) (emphasis in original). Ignoring consumer risk improperly abrogates Congress’s clear statutory intent that civil liability only extends to either negligent or willful violations. See, e.g., 15 U.S.C. §§ 1681n, 1681o.

Conclusion

FACTA requires merchants to redact expiration dates from electronically printed receipts, and it provides enforcement mechanisms allowing the appropriate agencies and state actors to ensure that merchants comply. See 15 U.S.C. §§ 1681c(g)(1), 1681s. Congress never intended these requirements to expose merchants to crippling class-action liability for noncompliance that creates no possible risk of harm. See, e.g., Pub. L. No. 110-241, § 2(b); Sieber, 604 F. Supp. 2d at 1371. A merchant who violates FACTA in a way that Congress specifically found does not increase the risk of identity theft cannot have recklessly disregarded the nonexistent risk, and it therefore cannot have willfully failed to comply with the act. See, e.g., Vidoni, 2012 U.S. Dist. LEXIS, *15–*16. State courts forced to hear expiration date claims because federal courts will not exercise jurisdiction over them should dismiss the claims with prejudice at the pleading stage.

*  Kevin M. Hudspeth serves as of counsel to Maurice Wutscher LLP, a national financial services law firm, where he practices in the appellate, consumer credit, and regulatory compliance groups. He has extensive experience with litigation at all levels in federal and state courts across the country, including appeals, class-action lawsuits, and matters involving complicated facts and complex legal issues. He is actively litigating the issues discussed in this article.

Although most of the nation has been anxiously watching the stock market and daily coronavirus updates from White House officials, some business owners have been sidetracked with captive insurance issues. For many business owners who participate in micro-captive insurance programs, and as highlighted in the March 20th issue of the New York Times, the recent cessation of business has prompted a review of captive coverages to determine whether relief can be provided in the form of a claim for business interruption.[1]

However, news coverage of micro-captives was almost immediately followed by the receipt of IRS Letter 6336 (the Micro-Captive Soft Letter) by many captive owners and their insureds. Similar to the up and down of the stock market, micro-captive owners and insureds are now wondering whether they can seek monetary relief for business interruption through their micro-captives, but are at the same time confused as to their exposure for federal and state income tax liabilities. The current environment for micro-captive owners requires examining micro-captive policies to not only determine whether relief is available, but also to avoid losing sight of any potential tax issues, including reporting requirements.[2]

Potential for Abuse. Tax law generally allows businesses to create “captive” insurance companies to cover certain risks that are otherwise unavailable or expensive to cover in the commercial market. The insured company benefits by obtaining the additional coverage and deducting the premiums paid to the captive insurer. Upon making an election under section 831(b) of the Internal Revenue Code, the captive insurer may exclude the premiums from income.

According to the IRS, in abusive micro-captive insurance structures, the relationship might lack the attributes of genuine insurance. For example, coverages might insure implausible risks, fail to match genuine business needs, or duplicate the taxpayer’s commercial coverages. Premium amounts might be unsupported by actuarial analysis or geared toward a desired deduction amount, and policies might contain vague and ambiguous terms, or otherwise fail to meet industry standards. Further, premiums for policies that do not result in claims, but generate income tax deductions (at ordinary income tax rates to the insured), and are accumulated for future distribution (at capital gain rates) to family members or trusts created for their benefit, entirely sidestepping transfer taxes in the process, have also been identified by the IRS as potentially abusive.[3]

Continuing IRS Pressure. The soft letters recently issued are one tool the IRS uses to obtain information from taxpayers as well as advisors. The IRS has previously indicated that soft letters might be used as a tool for enforcement, and has recently used soft letters as an enforcement tool in its cryptocurrency campaign. Other methods of enforcement utilized in IRS campaigns include issue-based exams as well as practitioner outreach.

Micro-Captive Soft Letter. The Micro-Captive Soft Letter puts the taxpayer on notice that (a) the taxpayer has been identified as participating in a micro-captive; (b) several consecutive tax court rulings have issued in favor of the IRS; and (c) the IRS is increasing enforcement activity, which will entail opening additional examinations. The Micro-Captive Soft Letter then requests that if the taxpayer is “no longer claiming a deduction or other tax benefit for any micro-captive,” the taxpayer “must” sign a statement under the penalties of perjury indicating whether the taxpayer is still “participating” in a captive and the year the taxpayer last took a deduction or other “tax benefit” associated with the captive.

If the taxpayer is continuing to participate in a micro-captive, the Micro-Captive Soft Letter reminds the taxpayer to continue to disclose participation in the transaction on Form 8886. Additionally, it recommends that the taxpayer seek independent, competent counsel prior to filing 2019 tax returns, and to consult on whether the taxpayer should amend prior-year returns for improper deductions or tax benefits.

The IRS informs the taxpayer that complying with the terms of the letter will be considered in any future enforcement action. When filing amended returns, the IRS requests the taxpayer to write “Micro-captive” on the top of the amended tax return. The IRS closes its letter by stating that if prior years are amended, such amendments could be qualified amended returns (QAR). The IRS states that the Micro-Captive Soft Letter does not constitute an examination for purposes of the rule negating a QAR if the taxpayer has already been contacted by the IRS concerning any exam with respect to the tax return. This means the IRS will not seek penalties (under the first-contact exception to the QAR rules) if the IRS subsequently opens such years for exam. This benefit can be incredibly helpful in that the IRS has been seeking a 20-percent penalty and up to a 40-percent (nondisclosure of noneconomic substance) penalty for understatements resulting from denied micro-captive deductions. It is also worth noting that a transaction lacking economic substance carries with it strict liability for such penalties, notwithstanding an advisor’s opinion letter.

Micro-Captive Soft Letter Side Effects. The recent developments described above could have various impacts on the micro-captive industry. First, the soft letters might have a psychological effect making micro-captives and the associated management fees that go along with it seem decidedly less attractive. This in turn might impact revenue for those that rely primarily on the tax election as a source of business. See Endeavor Partners Fund, LLC v. Comm’r of Internal Revenue, 115 T.C.M. (CCH) 1540 (T.C. 2018), aff’d, 943 F.3d 464 (D.C. Cir. 2019) (“Recognizing that the IRS notices accurately described POPS and PICO, Bricolage advised its clients that the notices were only a statement of the IRS’ position, not a change in law. But the notices effectively eliminated demand for Bricolage products, forcing it to abandon many planned transactions. Bricolage accordingly began to wind down its activities.”). Second, some taxpayers might follow the IRS’s advice and seek independent counsel, who might suggest filing amended returns. This advice could be completely at odds with the advice that might be provided by a captive management company, thereby creating a quandary for the taxpayer as to who to trust. Further, conflicted advisors who are contacted by taxpayers might assist in procuring “independent” counsel, subject to the conflicted advisor’s “vetting process.” However, these advisors may not be viewed by the court as being truly independent, weakening the taxpayer’s defense against penalties. Consequently, it is likely that the industry will be divided into camps, where some will advise taxpayers to seek independent advice, and others, such as some promoters, will advise taxpayers that the latest IRS letter is a nothing more than the same IRS bullying. Their advice may be to ignore the letter and “wait it out,” given that the IRS has limited resources. Notwithstanding limited resources, LBI memo 4 14 2020 provided the campaign against micro-captives will continue, including opening new audits, despite the general postponement of new returns examinations until July 15, 2020.[4]

Signing under Penalty of Perjury. This particular signature carries with it important ramifications. In addition to perjury statutes of general applicability, an IRS-specific perjury statute, 26 U.S.C. § 7206(1), subjects false sworn statements to the IRS to fines of up to $100,000 ($500,000 in the case of a corporation) and imprisonment for up to three years. Consequently, any prevarication concerning continued participation in or tax benefits received from a micro-captive program could subject a taxpayer to criminal penalties, even if the program is otherwise defensible.

Parallel Investigations. The potential for criminal exposure provides further reason to heed the IRS’s advice and consult knowledgeable and experienced independent counsel. Indeed, unbeknownst to soft letter recipients, if the IRS suspects fraud, a criminal investigation could be proceeding in the background. The IRS routinely conducts such simultaneous civil and criminal investigations. Such parallel investigations are conducted separately, but whereas IRS policy forbids criminal investigators from directing actions in the civil investigation, the civil and criminal functions conduct regular “coordination meetings” to “facilitate sharing important case developments.”[5] IRS policy dictates that “[s]haring information between revenue officers and government attorneys assigned to the case is a key ingredient in developing civil and criminal cases simultaneously and efficiently.”[6] Therefore, in deciding whether and how to respond to the soft letter, counsel should consider the potential for criminal exposure, and in particular, whether to inquire about the existence of a criminal investigation, given that IRS policy forbids revenue officers from misleading taxpayers in this regard—though, a word to the wise, it also essentially directs revenue officers to avoid giving a straight answer to such an inquiry.[7]

Next Steps. Micro-captive owners should engage in a cost-benefit analysis with respect to the execution of the Micro-Captive Soft Letter. Although the response date is May 4^th, the IRS recently informed the press that the response date has been automatically extended to June 4^th, an extension that has also been confirmed by revenue agents working the Micro-Captive Soft Letter hotline. (According to hotline agents, this extension should be posted to the IRS website soon.)  The micro-captive owner must consider whether to respond because submitting the letter technically is not required. Additionally, the micro-captive owners should consider their exposure if audited and penalties are imposed, in addition to exposure to criminal penalties. All of this should be considered in light of the micro-captive owner’s particular facts and circumstances and the established precedent of the recent tax court opinions that found in favor of the IRS. Although one tax court opinion is currently being appealed, holding out hope for a favorable appeal does not help now, nor does it guarantee that a favorable ruling will be applicable to every micro-captive’s unique facts and circumstances.

[1] The New York Times, March 20, 2020.

[2] The United States Supreme Court accepted review of the Sixth Circuit’s divided decision in favor of the IRS and its reporting requirements under Notice 2016-66.  See CIC Services, LLC v. Internal Revenue Service, et.al., 19-930.

[3] I.R.S. Info. Rel. 2019-47, Mar. 19, 2019.

[4] Memo from LB&I Commissioner to all LB&I employees regarding “LB&I Compliance Priorities During the COVID-19 Pandemic” dated April 14, 2020.

[5] IRM §§ 5.1.5.2 (Parallel Investigations) (12-16-2014), 5.1.5.6 (Coordination Meetings) (08-03-2009).

[6] IRM § 5.1.5.9 (Information Sharing) (08-03-2009).

[7] IRM § 5.1.5.7(3) (Interviews) (08-03-2009).

A new opinion provides insight into the SEC’s regulation-through-enforcement approach toward ICOs.[1] Digging into the facts of a potentially billion-dollar cryptocurrency raises questions, and provides a few answers, about cryptocurrency sales.

In SEC v. Telegram Group Inc. & TON Issuer Inc., 19-cv-9439 (PKC) (S.D.N.Y. Mar. 24, 2020), the district court ruled in favor of the SEC in a motion for preliminary injunction against the issuance of a new cryptocurrency by Telegram Group Inc. (Telegram). The court found that the SEC showed a substantial likelihood of success in proving that Telegram’s plan to distribute the cryptocurrency would be an offering of securities to which no exemption applies. Telegram’s cryptocurrency would have been one of the most important in the industry, and the court’s ruling provides insight into the legal treatment of cryptocurrency, in particular the nature of decentralization and blockchain governance.

Telegram runs a messaging service (Messenger) popular in cryptocurrency circles due to its heavy encryption and distributed server network. It is used worldwide and claims a user base of 300 million. The company runs largely without charging fees or displaying advertisements and is funded from the founders’ personal wealth. In 2017, the company began to develop a blockchain and a digital asset—the TON (Telegram Open Network) Blockchain and Grams, respectively, to be integrated with Messenger. The distribution of the Grams is the focus of the SEC’s enforcement action.

Grams Token Distribution Plan

The initial supply of Grams was intended to be limited to five billion, all of which would be initially held by Telegram. Telegram intended to distribute the Grams in several rounds.

Initial Purchasers. Round one consisted of the sale of 2.25 billion Grams to 81 purchasers (Round 1 Purchasers) for $850 million, or approximately $0.38 per Gram. Round 1 Purchasers were subject to a staged lockup period, ending three, six, twelve, and eighteen months after launch of the TON Blockchain. In round two, Telegram sold 700 million Grams to 94 purchasers (Round 2 Purchasers, and together with the Round 1 Purchasers, the Initial Purchasers) for $850 million, or approximately $1.33 per Gram. In total, the Initial Purchasers would hold 58 percent of the Grams upon launch of the network. Telegram filed Form Ds for the sales to Initial Purchasers and claimed an exemption under Rule 506(c).

Incentive Reserve. According to promotional materials, Telegram intended to retain four percent of the Grams for Telegram developers building the TON Blockchain, including one percent for each of the two founders. Further, Telegram stated that 10 percent of Grams would be reserved for incentive programs, such as distributions to Messenger users.

TON Foundation. The remaining unallocated Grams, about 28 percent, were intended to be transferred to a to-be-created nonprofit, the TON Foundation. The TON Foundation would be tasked with control of such reserve and maintaining governance functions for the TON Blockchain. The TON Foundation would be controlled by a board, including the Telegram founders. If the TON Foundation is not established, then the reserve would be locked indefinitely.

The SEC’s Preliminary Injunction

Prior to the establishment of the TON Blockchain and distribution of the Grams, the SEC filed for a preliminary injunction in the Southern District of New York. The SEC claimed that such distribution would constitute an unregistered offering of securities under section 5 of the Securities Act of 1933 (the Securities Act). On March 24, 2020, the court granted the SEC’s motion for a preliminary injunction and found that the SEC showed a substantial likelihood of success in proving that the sales to the Initial Purchasers are part of a larger scheme to distribute those Grams into a secondary public market. In essence, the Initial Purchasers are “underwriters” under the Securities Act; therefore, Telegram is not entitled to rely on the exemption under Rule 506(c) of Regulation D.

Howey Analysis. Section 2(a)(1) of the Securities Act defines a “security” to include an “investment contract.” In turn, under the Howey test, the Supreme Court defined an “investment contract” as “a contract, transaction or scheme whereby a person invests his money in a common enterprise and is led to expect profits solely from the efforts of the promoter or a third party.” S.E.C. v. W.J. Howey Co., 328 U.S. 293, 298–99 (1946). Essentially, there are four prongs to the test: (1) investment of money, (2) common enterprise, (3) expectation of profit, and (4) efforts of another.

Two factors were key to the court’s finding that the distribution of Grams constituted an offering of securities. One, the success and continued development of the TON Blockchain, and therefore the functionality and usability of the Grams, was tied directly to Telegram’s operations and support. The proceeds from the sales to the Initial Purchasers was used to cover Telegram’s expenses, and the reserve would provide price support. Further, the success of the project depended on Messenger’s popularity among a large user base. Two, the Initial Purchasers did not seek to obtain the Grams for consumption, but for resale to the general public. Despite representations in the purchase agreements to the contrary, the court found that the economic incentives of the transaction evidenced an investment intent and expectation of profit.

Telegram argued that even if the sale to the Initial Purchasers was a security offering, once the Grams are available upon launch of the TON Blockchain, they would be commodities with a consumptive purpose, not securities.[2] The court disagreed and found that the initial contracts must be considered along with all related expectations and understandings, including subsequent distribution of the Grams. Viewed as a whole, the sale to the Initial Purchasers was with the purpose of a sale in the public market. Therefore, the court found the transaction to be “a disguised public distribution” and not eligible for exemption from registration under section 4(a)(2).

Key Takeaways

Endorsement of Decentralization Defense. Without citation, the court stated that “[i]n the abstract, an investment of money in a cryptocurrency utilized by members of a decentralized community connected via blockchain technology, which itself is administered by this community of users rather than by a common enterprise, is not likely to be deemed a security under the familiar test laid out in [the Howey test].” This is a seeming endorsement of the SEC’s position that a cryptocurrency on a “sufficiently decentralized” blockchain would not be considered a security.

William Hinman, Director of the SEC’s Division of Corporate Finance, has stated that:

If the network on which the token or coin is to function is sufficiently decentralized—where purchasers would no longer reasonably expect a person or group to carry out essential managerial or entrepreneurial efforts—the assets may not represent an investment contract. Moreover, when the efforts of the third party are no longer a key factor for determining the enterprise’s success, material information asymmetries recede. As a network becomes truly decentralized, the ability to identify an issuer or promoter to make the requisite disclosures becomes difficult, and less meaningful.[3]

If a cryptocurrency is decentralized, the last prong of Howey, whether the expectation of profit stems from the efforts of others presumably would not be satisfied. Although there is no accepted definition of “sufficient decentralization,” the court in the Telegram case suggests a test: whether the cryptocurrency would have the same “mass adoption, vibrancy and utility” that would enable the expected profits even if the issuer moved offshore and ceased operations. In the court’s opinion, the TON Blockchain failed this test.

The test as stated leaves something to be desired; it is vague and may not be reasonably attainable. Establishing a decentralized network would take time before there was sufficient adoption in the developer community to ensure such a test could be met. Even in the cases of Bitcoin and Ethereum (which are generally accepted as decentralized), the networks likely would have failed this test initially. Further, one could imagine an open-source protocol where the initial development team is unable to enact unilateral changes, either due to legal or technology restrictions, and there is involvement by a wider developer community, yet the cryptocurrency still relies on the initial team for its “vibrancy.”

Importance of Token Governance. In considering the “common enterprise” prong of the Howey test, one factor was that Telegram intended for the Gram reserve to be held by a to-be-established TON Foundation. Such foundation would hold the reserve—in effect providing monetary policy for the token—and hold governance responsibility for the TON Blockchain. The court found fault with this plan, however. One, Telegram was under no legal obligation to create the TON Foundation or transfer the Gram reserve if created. Two, even if the TON Foundation was created and the reserve transferred, there was no requirement that Telegram appoint an independent board.

Establishing a foundation to manage blockchain governance can help ensure the independence and integrity of the blockchain and related tokens. As with the Ethereum Foundation, a foundation can promote and support a cryptocurrency that is otherwise fully decentralized. Yet, as the court points out, there is a risk of capture by the token issuer if governance roles and rules are not established and enforceable prior to issuance. Further, if the foundation is responsible for sale of the token, there is a risk that it would find itself liable for violation of the securities laws. Nevertheless, a legally existing and independent foundation with established rules could weaken an argument that a cryptocurrency is an investment in a common enterprise.

Evaluate Distribution Scheme Based on Economic Reality. Finally, it is important to note that the court focused much more on the economic reality of the token distribution than the terms of the purchase agreements. In particular, the court found that economic incentives, such as discounts and lockup periods, were intended to ensure the resale and wider public distribution of the Grams—“a disguised public distribution.” Further, the nature of the sales displayed an investment intent, including the fact that the initial purchasers were professional investors, such as VC firms, that bought large numbers of Grams. This is despite inclusion of appropriate legal representations in the purchase agreements.

The opinion was well-reasoned and should be influential either on appeal or in future ICO cases. In the face of the preliminary injunction, Telegram is already considering appealing the decision[4] or selling the Grams solely to non-U.S. purchasers.[5] Although the future of the TON Blockchain is unclear, this ruling should provide insight for legal practitioners and developers of future cryptocurrencies.

[1] Alex Fader is the Chief Legal Officer, Salt Blockchain Inc., and Chair, Corporate Counsel Subcommittee of the CBA Business Law Section ([email protected]). The views expressed in this article reflect the author’s own and do not reflect the views of Salt Blockchain Inc.

[2] Notably, the CFTC weighed in on the commodity versus security question as well. In a February 18, 2020 letter to the judge in this case, the CFTC stated:

Digital currency is a commodity. See, e.g., CFTC v. My Big Coin Pay, Inc., 334 F. Supp. 3d 492, 495-98 (D. Mass. 2018) (citing cases); In re BFXNA Inc. d/b/a Bitfinex, CFTC Dkt. No. 16-19, 2016 WL 3137612, at *5 (CFTC June 2, 2016) (“Bitcoin and other virtual currencies are … properly defined as commodities.”). However, the Commodity Exchange Act (“CEA”), 7 U.S.C. §§ 1-26, provides that many securities are commodities to which the securities laws apply. Thus, any given digital asset may or may not be subject to the securities laws, but that does not depend on whether the asset is a commodity. It depends on whether the asset is a “security” within the meaning of the ’33 Act itself.

Robert A. Schwartz, Deputy General Counsel, Litigation, Enforcement & Adjudication, CFTC, Letter to Judge Castel, Re: SEC v. Telegram Group, Inc., et al., No. 1:19-cv-09439 (PKC) (Feb. 18, 2020).

[3] William Hinman, Dir., Div. of Corp. Fin., SEC, Remarks at the Yahoo Finance All Markets Summit: Crypto: Digital Asset Transactions: When Howey Met Gary (Plastic) (June 14, 2018).

[4] Nikhilesh De, Telegram Appeals Court Ruling Barring Gram Token Distribution, CoinDesk (Mar. 25, 2020).

[5] Anna Baydakova, Telegram Hopes It Can Still Sell Tokens to Non-US Investors After Court Ruling, Yahoo Fin. (Mar. 30, 2020).

The Olympic Games: an event that involves athletes from 206 countries competing in 33 different sports, each requiring specialized training and competition facilities, that must be completed in 17 days as half the people on the planet watch the exciting drama unfold. Think of the tens of thousands of contractual and other arrangements that go into the delivery of an event as complex as the Olympic Games.

The Games are awarded to the city selected by a majority of the members of the International Olympic Committee (IOC) from among candidate cities around the world approximately seven years prior to the date of the Games. The organizational aspects are set forth in a contract between the IOC, the host national Olympic committee, and the government of the host country. Tokyo was chosen in 2013 for 2020 Games, and the exact dates were identified shortly thereafter: July 24–August 9.

Once the dates are confirmed, everything turns on ensuring the Games will start and finish on those precise dates. There is no margin for error; everything must work perfectly—the first time. Using military terminology, the Games are a no-fail mission.

Athletes build their training around a fixed schedule: an athlete competing in the 100-meter dash, for example, knows precisely when the heats, quarter-finals, semi-finals, and finals will occur in order to achieve optimal performances during the Games. The international sport schedules in all Olympic sports are designed around the Olympic calendar so that all athletes are at their best for the Games.

Broadcasters, sponsors, spectators, transportation companies, hotels, meeting and other facilities such as conference and convention centers, suppliers, and construction and development organizations all base their planning on the dates of the Games. Legislation in the host country generally needs adjustment to permit entry without visas (merely the Olympic identification card), to permit Olympic parties to bring equipment and workers without taxation and to remove both when the Games finish (again without taxation), to establish the necessary security arrangements, and to provide special access at airports and other border crossings, to name but a few.

The Japanese organizers have been first class, and there was little doubt that the Games were going to be extremely well organized. There was a universal expectation, within the Olympic movement and throughout Japan, that the forthcoming Games would set new standards in Games planning and delivery.

Enter COVID-19.

That the world was unprepared to deal with this virus is now all too apparent. Not only was the world unprepared, but in too many cases the threat was underestimated, and exceptional measures to limit its spread were not undertaken quickly enough. The virus spread and a pandemic resulted. Personal livelihoods and freedoms have been compromised, the economy has suffered, education has been affected, people have died from the virus, and more will die.

Although an event like the Games is not as important as the larger existential threat implicit in COVID-19, it nevertheless is impacted by it and, depending on the organizers’ conduct, could either support efforts to contain the virus or act in disregard of those efforts.

The contractual right to cancel the Games in the face of, among other considerations, safety concerns could have allowed the IOC to unilaterally cancel the Tokyo Games. It did not do so. Instead, it responded positively to a request by the Japanese government to postpone the Games, after consultation with the WHO, competing athletes, international federations, and national Olympic committees. The most convenient postponement was almost exactly one year, to begin on July 23, 2021, taking advantage of vacation periods and student holidays to reduce traffic and strains on the transportation systems. The schedule matches previous athlete training rhythms and minimally impacts sport programming for the major broadcasters. It also gives the organizers the time they need to extend, vary, or renegotiate the many contracts entered into before the disruption resulting from the pandemic.

The organizers and others are now undertaking the many challenges of re-weaving the contractual tapestry for Games in 2021. This will remain a work in progress and will require the exercise of tact and compromise, as well as a general desire to make the postponement work. Organizing a first-bounce recovery is much better for everyone, including for Japan, the athletes, and the spectators, rather than simply to cancel the Games. It is not the fault of the Tokyo organizers, nor the Olympic parties, that the pandemic has struck, and no “blame” can fairly be assigned to any of the contractual parties.

A formidable series of challenges looms ahead. To mention but a few, consider the Olympic Village, generally recognized as the “heart” of any Olympic Games, where the athletes of the world come together. This involves some 20,000 people (athletes, coaches, officials, and medical staff) who all must be accommodated, fed, and transported to and from training and competition venues. Security must be provided in a post-Munich and post-9/11 era, which has changed the former, less formal paradigm. All those arrangements must be put on hold and reinstalled a year later. Organizing committee employees may be kept on, or laid-off and rehired several months later. Venue arrangements need renegotiation, and ticket arrangements may be carried forward if the venues remain exactly the same, or revised if there will be new venues. Hotel accommodations may or may not be carried forward, depending on negotiations with the relevant associations. Airport and border-crossing security must be reconfigured, and coordination with law enforcement agencies and even the military put back into place.

With the goodwill surrounding the Olympic Games, this should all be possible. The world wants the Olympics to work because if the Olympics can work, perhaps someday the world will work. First, however, we must wrestle COVID-19 to the ground.

 Joining the global trend originating in Europe with the General Data Protection Regulation (GDPR), Brazil recently enacted its own omnibus law governing the use of personal data, the Lei Geral de Proteção de Dados (LGPD), or General Law for the Protection of Privacy. Similar to the EU’s GDPR and California’s Consumer Privacy Act (CCPA), LGPD is intended to regulate the processing of personal data. The stated purpose of the law is to protect “the fundamental rights of freedom and privacy and the free development of the personality of the natural person.”

This article addresses the most commonly asked questions about the applicability of LGPD and its exemptions and enforcement. The analysis is woven with a comparison to the GDPR and CCPA.

To Whom Does LGPD Apply?

The LGPD applies to any natural person or legal entity, including the government, that processes the personal data of the people of Brazil, even if the entity processing the data is based outside of Brazil. There are some exceptions, however, such as (1) when the processing is done by a natural person exclusively for private and noneconomic purposes; (2) when done exclusively for journalistic, artistic, or academic purposes; or (3) when done for purposes of public safety, national defense, state security, or activities or investigation and prosecution of criminal offenses.

What Is Personal Data and How Can It Be Processed?

Personal data in this statute is defined broadly as “information regarding an identified or identifiable natural person.” There are also special restrictions for the processing of “sensitive personal data,” which is data that relates to racial or ethnic origin, religious beliefs, political opinion, affiliation to unions or political, philosophical or religious organizations, health information, sexual preference, or genetic and biometric data. To that end, and similarly to the GDPR and CCPA, sensitive personal data may only be processed when the data subject specifically and distinctly consents to the specified purposes.

Personal data may be processed without consent for certain specific and limited purposes, including (1) to comply with a legal obligation; (2) when it is necessary by the public administration for the execution of public policies; (3) when it is a study carried out by a research entity; or (4) to protect the life or physical safety of the data subject or a third party.

Companies can collect and use publicly available personal data under the LGPD only if it is (1) being used for the same purpose that it was originally collected, in which case consent from the data subject is not needed; or (2) for a different purpose, but only if the controller has identified a valid legal basis for the use of the data.

What Rights Does LGPD Grant to Data Subjects?

The LGPD sets out nine fundamental rights granted to all Brazilian data subjects that are similar to the eight fundamental rights laid out in the GDPR. The ninth comes from a more specific definition of the “right to be informed” as granted in the GDPR. LGPD separates the right to be informed into (1) the right to “information about the public and private entities with which the controller has shared data” and (2) “information about the possibility of denying consent and the consequences of such denial.” This gives the data subject not only a right to request information the organization collects about the data subject, but also the right to ask about what will happen if the data subject does not give the controller consent to process his or her personal data. Data subjects are also entitled to an explanation about any automated decision-making carried out by the controller that affects their interests. When a data subject requests a review, the controller must provide “clear and adequate information regarding the criteria and procedures used for an automated decision.”

What Is Exempted under LGPD?

Although the GDPR has six lawful bases for processing data, the LGPD expands upon those, listing 10 legal bases for justifying the processing of personal data. The 10 bases listed in the LGPD generally follow the bases listed in the GDPR, with the exception of the last legal basis listed in the LGPD, giving the ability to process data for “the protection of credit.” This implies that consent is not necessary under the LGPD to process data for credit protection purposes, but this section should still be read in the context of two other laws that govern personal data for protection of credit purposes (the Federal Consumer Code and the Positive Credit History Law).

In addition to the legal basis exempted to process data, like the GDPR and CCPA, under the LGPD, data that has been anonymized is generally exempt from the requirements of the LGDP so long as the process by which the data was anonymized is not able to be reversed applying reasonable efforts. The LGPD defines “anonymization” as the “use of reasonable technical means available at the time of processing, by means of which the data loses the possibility of direct or indirect association to a natural person.” A key difference here, however, is that per the LGPD, some anonymized data may even be deemed as “personal data” if it is used to “formulate behavioral profiles of a particular natural person, if that person is identified.” As such, if the anonymized data is still being used for behavior profiling, it is subject to the restrictions of personal data. Another difference is that, unlike the GDPR, the LGPD does not necessarily endorse pseudonymization as a best practice; in fact, it only addresses pseudonymization once, encouraging public health research bodies to either anonymize or pseudonymize when possible. GDPR, by contrast, frequently references pseudonymization as a best practice in order to assure compliance.

What Other Key Requirements Does LGPD Impose?

Aside from having to identify a legal basis for processing data without consent, companies must also create and maintain a map of the personal data that they collect and process. This requirement is not imposed by CCPA but it does appear under GDPR. Furthermore, organizations must ensure that they are tracking consents and revocations by data subjects, which should be done as a matter of best practice even to establish compliance if it were not specifically mentioned in LGPD.

Does LGPD Require a DPO?

Like the GDPR, and unlike the CCPA, the LGPD requires businesses and organizations to hire a Data Protection Officer (DPO). However, unlike GDPR, the LGPD does not outline specific cases for which a DPO is needed. It simply states that the “controller shall appoint an officer to be in charge of processing personal data.” This implies that any organization that processes the data of people in Brazil will need a DPO. Both controllers and processors must appoint a DPO.

Who Will Enforce LGPD?

The LGPD creates an enforcement authority responsible for overseeing the data protection regulation in the National Data Protection Authority (Autoridade Nacional de Proteção de Dados, or ANPD). The ANPD has the authority to create separate guidelines, rules, and deadlines applicable to small businesses and startups to make sure that they comply with the LGPD. As the ANPD begins to issue guidance on the provisions of the LGDP, this will affect how they will be enforced and implemented. The LGPD does not give a firm deadline for reporting data breaches to the ANPD; it merely states that “the controller must communicate to the national authority and to the data subject the occurrence of a security incident . . . in a reasonable time period, as defined by the national authority.”

What Are the Fines for Noncompliance?

Fines for noncompliance are not as substantial in the LGPD as they are in the GDPR, giving the maximum fine for a violation as “2% of a private legal entity’s, group’s or conglomerate’s revenue in Brazil, for the prior fiscal year, excluding taxes, up to a total maximum of 50 million reals.” The sanctions will be applied only after an administrative procedure where opportunity is given for a full defense, and taking into account the severity of the infraction and other parameters.