Next week marks the 40th anniversary of the Foreign Corrupt Practices Act – it became effective December 19, 1977. Deputy Attorney General Rod Rosenstein marked the occasion this month by providing an update on the FCPA Pilot Program announced in spring 2016 and detailed in this Compliance Gap blogpost. Bottom line: the FCPA policy now provides for a presumed declination of prosecution for companies that complete a fulsome self-disclosure disgorgement, and remediation program. Continue Reading FCPA in the Trump DOJ: Continuing Down the Same Path, with a Little More Heft
Last week the SEC announced it had reached an agreement with privately-held company Zenefits, and its co-founder and former CEO Parker Conrad, to settle allegations that Zenefits materially misled Series B and C investors. The parties agreed to settle for over a combined $980,000 (Zenefits agreed to pay $450,000, with Conrad responsible for the balance). This appears to be a first-of-its-kind SEC enforcement action against a privately-held company, reflecting this ongoing enforcement priority for the agency in Silicon Valley. Continue Reading With Zenefits Settlement Award SEC Demonstrates Continued Commitment to “Unicorn” Scrutiny Despite Administration Change: Same Old Sheriff in Town
The fight over whether the government may access the data of companies and individuals that is stored overseas has officially made its way to the U.S. Supreme Court. On October 16, the Supreme Court agreed to review the Second Circuit’s decision in Matter of Warrant to Search a Certain E-Mail Account Controlled & Maintained by Microsoft Corp., 829 F.3d 197, 203 (2d Cir. 2016). The grant of certiorari was a win for the Department of Justice. As we previously reported, the Second Circuit had held that the government could not compel production of Microsoft’s email account data stored in Dublin, Ireland because warrants traditionally may only be enforced domestically under the Stored Communication Act. While there is much speculation about which way the Court may rule, the consensus appears to be that its decision could significantly impact the government’s search and seizure power under the Fourth Amendment. It is also conceivable that the ruling could pave the way for broader discovery in the civil context, allowing parties to subpoena or otherwise request documents stored abroad in the course of civil litigation.
Meanwhile, there are identical legislative proposals (International Communications Privacy Act of 2017 (ICPA)) that have been introduced in both the Senate and House of Representatives addressing the privacy of internationally stored data. The ICPA would allow the government to obtain with a warrant the electronic communications of U.S. citizens and permanent residents, regardless of where the individuals or communications are located, from service providers. The proposals have received broad support, including from Microsoft, which has stated that the proposed law “updates antiquated data laws to better meet the needs of law enforcement, while protecting people’s privacy rights.”
We will continue to monitor these proceedings, which could have a major impact on our clients.
Demonstrating and ensuring independence in internal investigations is a critical issue for corporate counsel to consider, especially when facing or anticipating parallel regulatory probes. How to properly do so is a nuanced process. As this piece published by Corporate Compliance Insights explores, it is not as simple as the binary question of whether counsel conducting an internal investigation had a previous working relationship with the company.
Read the full article I co-authored with senior associate Nell Clement and associate Josh Malone: Rethinking Independence in Internal Investigations
The prosecution of Martin Shkreli, whom the BBC has called “the most hated man in America,” reveals some important lessons about the Fourth Amendment protections against search and seizure in the digital corporate context: physical access to documents on a server may trump actual ownership of records. Continue Reading The Fourth Amendment Implications of Sharing Server Space
It doesn’t take a millennial to know that these days not all pertinent business-related communications are to be found on corporate e-mail servers. As we have increasingly seen in recent internal investigations, the most important written communications (especially between high-level executives), are now to be found in a place that most lawyers at the senior level have for years either ignored altogether or for some reason considered untouchable – cell phone text messages. The New York Times recently reported on the implications of this trend—which is hardly new— of executives at all levels taking sensitive communications off e-mail. See As Elites Switch to Texting, Watchdogs Fear Loss of Transparency.
The same potential loss of key communications from “the record” are present in internal corporate investigations where texts are left out of the investigation plan. If text messages and other forms of messaging are not fully considered, an internal investigation result may be at best incomplete or at worst incorrect. The worst mistake is when investigators assume that if communications are not found in corporate e-mail that they did not occur, and draw inferences based on that assumption. But text messages can be difficult to collect from individuals, and, due to a patchwork of inconsistent corporate policies regarding their preservation and use, may present privacy considerations on behalf of the individuals who are texting. Those difficulties begin to make it more understandable why most internal investigators would prefer to ignore their existence altogether and simply rely on easily attainable, and searchable, corporate e-mail. Continue Reading Use of Text Messaging Should Change the Nature of Evidence Gathering in Internal Investigations
Earlier this year we highlighted the growing trend of regulators asserting continuing post-investigation control over the operations of companies accused of compliance failures. At the state level, we highlighted a deal reached between the California Department of Industrial Relations (DIR) and Zenefits, a privately-held health care brokerage firm, in which the DIR agreed to forgive half of a $7 million fine in exchange for continuing audits to evaluate future compliance with state regulations.
At the federal level, we’re seeing the same trend. Continue Reading If You Give a Mouse a Cookie: Ongoing Regulatory Monitoring Increasing in Federal and State Non-Compliance Resolution
A dispute in California federal court over whether Google must turn over documents stored overseas in response to a search warrant may have major implications for white collar practitioners and their clients. Last week Google asked a California federal judge to review an order by Magistrate Judge Laurel Beeler that required the company to produce content stored outside the United States in response to a warrant. U.S. District Judge William Alsup will hear Google’s motion for de novo review of the order on June 22. In the order at issue, Judge Beeler denied Google’s motion to quash a warrant issued pursuant to the Stored Communications Act (SCA), 18 U.S.C. § 2703. The SCA, in part, requires the disclosure of customer communications or records by internet service providers pursuant to a warrant. The warrant sought documents related to specific Google email accounts, including subscriber information, evidence of specified crimes, and information about the account holders’ true identities, locations, and assets. Google produced information it stored domestically, but argued that the warrant could not reach information stored abroad. Google argued that its legal team in the United States were the only personnel authorized to access and produce the communications, which could be accessed from within the United States. Matter of Search of Content that is Stored at Premises Controlled by Google, No. 16-MC-80263-LB, 2017 WL 1487625, at *2 (N.D. Cal. Apr. 25, 2017). Continue Reading Blurring The Line Between Foreign and Domestic: The Expansion of Search Warrant Powers Overseas
In January of this year, the Federal Trade Commission (FTC) brought suit against Taiwan-based D-Link Corp. and its U.S. subsidiary, D-Link Systems Inc, in Los Angeles Federal Court, for failing to properly secure its consumer routers and computer cameras. According to the FTC, the devices were billed as containing “advanced network security” but actually left thousands of devices vulnerable to hacking and compromise. The results of this FTC suit could create a de facto security compliance regime for all purveyors in the ever-growing “internet of things.” Continue Reading Is There Fire Where There’s Smoke? The FTC Says Yes
In the present uncertain legal and regulatory environment, the role of shareholder activists in scrutinizing corporate behavior seems to be gaining steam. See, e.g., An Activist Investment in Whole Foods Exposes Shifting Power on Wall St. We are increasingly seeing corporate internal investigations being influenced, if not driven by, the presence of activists on the Board. It remains to be seen whether the role of activists in policing corporate governance and other corporate regulatory issues will continue to increase in an environment where SEC Enforcement is increasingly under pressure (budgetary and otherwise) from the current presidential administration.