sec – Techdirt (original) (raw)
Wyden: Data Broker Used Abortion Clinic Visitor Location Data To Help Send Targeted Misinformation To Vulnerable Women
from the the-warning-siren-can't-get-any-louder dept
Every few weeks for the last 20 years there’s been a massive scandal involving some company, telecom, data broker, or app maker over-collecting your detailed personal location data, failing to secure it, then selling access to that information to any nitwit with a nickel. And despite the added risks this creates in the post-Roe authoritarian era, Congress refuses to pass a real privacy law or rein in reckless data brokers.
The latest case in point: Senator Ron Wyden sent a letter to the SEC and FTC this week urging them to investigate and punish a data broker that collected the sensitive location data of more than 600 visitors to abortion clinics. A Wyden staff investigation found the broker then turned around and sold that data to an anti-abortion group that used it to send “targeted misinformation” to vulnerable women:
“As a result of the Dobbs decision, which reversed Roe v. Wade and allowed states to criminalize abortion, privacy of location data has become increasingly important. Wyden began investigating a data broker named Near Intelligence in 2023, after the Wall Street Journal reported that an anti-abortion organization named The Veritas Society used cell phone location data shared with online advertising companies to target misinformation about reproductive health to people who visited Planned Parenthood locations in Wisconsin.”
The full letter has more detail.
Shortly after Roe fell, privacy activists and a handful of senators warned very clearly how our longstanding refusal to regulate data brokers would result in sensitive behavior and location data being weaponized by extremists, activists and state prosecutors seeking to punish women (and those that help them).
Reporters made it clear how it was easy and cheap to buy granular location data on abortion clinic visitors with little discernment as to who was buying the data and what was being done with it.
The congressional response was to do jack shit, outside of trying to distract everybody with some performative and myopic whining about TikTok.
Wyden is once again (justly) warning regulators and his colleagues in Congress that the hour is getting late when it comes to getting ahead of this obvious problem:
“If a data broker could track Americans’ cell phones to help extremists target misinformation to people at hundreds of Planned Parenthood locations across the United States, a right-wing prosecutor could use that same information to put women in jail,” Wyden said. “Federal watchdogs should hold the data broker accountable for abusing Americans’ private information. And Congress needs to step up as soon as possible to ensure extremist politicians can’t buy this kind of sensitive data without a warrant.”
We’ve long noted that the federal government refuses to regulate data brokers or pass a federal internet-era privacy law for two reasons. One: corrupt politicians clearly believe making gobs of money is more important than market health or public safety. Two: the federal government exploits this corrupt dysfunction to purchase this data and avoid having to get traditional warrants.
The FTC under Lina Khan has been doing some good work in cracking down on a handful of data brokers, but the agency lacks the staff or resources to truly tackle the problem at the scale it’s operating at. It’s essential for Congress to act by passing a privacy law and regulating data brokers, but corruption (fueled by lobbying by numerous industries with near-bottomless budgets) prevents it from happening.
Yet when the press covers this whole mess (the Politico story on Wyden’s letter is a perfect example) they neither ask nor answer why the federal government has spent the better part of two decades tripping over its own ass. There’s no mention of corruption, or the government being utterly incompetent when it comes to doing even the bare minimum. The problem simply exists, utterly free of causation.
So we’ve somehow normalized the dysfunction and entered this holding pattern waiting for a privacy scandal so grotesque and harmful (potentially even fatal) that a corrupt Congress is forced to finally shake off its apathy and pass meaningful reforms. I’m not excited to see what this disaster actually looks like.
Filed Under: abortion, abortion clinic, data brokers, ftc, location data, privacy, reproductive care, ron wyden, scandals, sec, security, surveillance
Companies: near intelligence, planned parenthood, the veritas society
Court To Elon: No You Can’t Just Ignore The SEC’s Investigation Into Your Failure To Comply With The Law
from the if-only-we-could-all-just-ignore-the-inconvenient-parts-of-the-law dept
As you may recall, almost two years ago, Elon Musk announced, somewhat out of the blue, that he had accumulated somewhere close to 10% of Twitter’s equity, making him the single largest shareholder, and kicking off a chain of bizarre events that eventually put him in charge of the platform that he has rapidly driven to lose the vast majority of its value.
Many people pointed out at the time, that it appeared that Musk had pretty clearly and obviously violated the law, in missing an important regulatory deadline, by which he should have revealed that he had over 5% of the company’s equity.
It’s well known that Elon hates the SEC, going back to the fight he had with them regarding his dubious tweets about taking Tesla private, which resulted in a settlement that Musk seems to have mostly ignored, especially the bits about putting in place a committee to oversee Musk’s tweets. Over the last couple of years, Musk has tried (unsuccessfully) a few times to get out from under that settlement, claiming it was coercive.
Anyway, last year, the SEC finally sent a subpoena to Musk regarding that failure to report his stake in Twitter in a timely manner, and Musk appears to have bailed out on a promised testimony in response to the investigation. At least according to a legal filing the SEC made last fall to compel him to show up. In typical Musk fashion, he started coming up with highly questionable excuses for refusing to show up:
Musk failed to appear for testimony on September 15, 2023, as required by the investigative subpoena served by the SEC, despite (1) in May 2023, agreeing to appear for testimony on a date nearly four months later, in September 2023, (2) having been served with a subpoena in May 2023 requiring his appearance for testimony in the SEC’s San Francisco Regional Office on that mutually agreed upon date in September, (3) raising no objection to the subpoena at the time it was served or during the following months, and (4) approximately two weeks before his scheduled testimony, requesting and receiving an accommodation to move his scheduled testimony by one day. Instead, two days before his scheduled testimony, Musk abruptly notified the SEC staff that he would not appear. Musk attempted to justify his refusal to comply with the subpoena by raising, for the first time, several spurious objections, including an objection to San Francisco as an appropriate testimony location.
Musk’s response (from his favorite lawyer, Alex Spiro) was to whine that this was all part of a pattern of “abuse” by the SEC, and (hilariously) that enforcing the subpoena and requiring him to testify would “violate the constitution” based on the appointments clause (which we’ve discussed in other contexts).
Over the weekend, the magistrate judge overseeing the case, said, um, no, that’s not how this works, and ordering Musk to comply with the subpoena.
The court enforces the subpoena: the evidence is relevant and material to the SEC’s investigation, and the testimony is not unduly burdensome. As to the argument that the subpoena exceeds the SEC’s authority, the Exchange Act authorizes the subpoena, and the staff attorneys who issue subpoenas are not inferior officers subject to the Appointments Clause.
As the ruling notes, the SEC has broad subpoena authority and has documented reasons for seeking Musk’s testimony. The idea that this was done in bad faith or to harass Musk just doesn’t seem supported by the evidence:
Because the SEC issued its subpoena lawfully, the burden shifts to the respondent to prove that the subpoena was issued in bad faith or for an improper purpose, such as harassment or to pressure that person to settle a collateral dispute, Powell, 379 U.S. at 58, or is “overbroad or unduly burdensome,” EEOC v. Children’s Hosp. Med. Center, 719 F.3d 1426, 1428 (9th Cir. 1983). The respondent has not met this burden. He did not object to the subpoenas initially and asked only for an accommodation for his schedule. Only later did he object to the testimony as irrelevant and harassing, in part because he testified twice previously. The SEC’s view is that the timing suggests gamesmanship. But in any event, the contemplated testimony is about productions that post-dated his testimony.
It also notes that the SEC investigation goes beyond just the “late filing” issue and may be even more serious, and is clearly legitimate to investigate:
The respondent also suggests that the SEC’s investigation is overkill, pointing to its hijacking of the investigation into the respondent’s SEC Rule 13d-1 disclosures and contrasting its ordinary practice of fines for Rule 13d violations with the extensive investigation here. But the investigation is about more than a late filing: there are eleven Section 13 filings from April to July 2022. Also, the SEC is investigating potential fraud in connection with securities transactions, in violation of § 10(b) of the Exchange Act and Rule 10b-5, including the respondent’s public statements about Twitter.
The other investigations are not demonstrably harassment: they are legitimate government investigations. Cf. SEC v. Musk, No. 22-1291, 2023 WL 3451402, at *2 (2nd Cir. May 15, 2023) (affirming district court’s denial of the respondent’s motion to terminate the 2018 SEC consent degree and rejecting claim of harassment).
At the very least, this suggests that this issue may be a bigger deal than Musk and his supporters are letting on.
Filed Under: appointments clause, elon musk, gamesmanship, sec, testimony
Companies: twitter, x
Of Course Bank Execs Communicated Via Encrypted Messaging, But That’s Not The Fault Of Encryption
from the this-is-always-going-to-happen dept
I don’t think this is a surprise to anyone, but the SEC and the CFTC combined to issue fines on a bunch of Wall Street firms for execs communicating across encrypted messaging in a manner that wasn’t recorded and preserved as required. Being in a regulated industry means having to deal with all sorts of compliance requirements, that includes preservation of communications. But, of course, that freaks people out, so… they do what everyone does, and figure out ways to communicate outside of “official” channels such that it’s not recorded.
This could come in the form of… talking in person. Or over the phone. Or… by using third party messaging services that are widely available. And, if you’re going to do that, it’s no surprise that you’d use end-to-end encrypted services like Signal or WhatsApp.
The Securities and Exchange Commission today announced charges against 10 firms in their capacity as broker-dealers and one dually registered broker-dealer and investment adviser for widespread and longstanding failures by the firms and their employees to maintain and preserve electronic communications. The firms admitted the facts set forth in their respective SEC orders. They acknowledged that their conduct violated recordkeeping provisions of the federal securities laws, agreed to pay combined penalties of $289 million as outlined below, and have begun implementing improvements to their compliance policies and procedures to address these violations.
That’s from the SEC side. From the CFTC we get:
The Commodity Futures Trading Commission today issued orders simultaneously filing and settling charges against swap dealer and futures commission merchant (FCM) affiliates of four financial institutions for failing to maintain, preserve, or produce records that were required to be kept under CFTC recordkeeping requirements, and failing to diligently supervise matters related to their businesses as CFTC registrants.
The settling registrants admit the facts detailed in the orders, are ordered to cease and desist from further violations of recordkeeping and supervision requirements, and are ordered to engage in specified remedial undertakings.
There’s some overlap. Wells Fargo, BNP Paribas, and SG Americas/Société Générale) gets hit by both agencies.
The details are pretty much exactly what you’d expect:
The SEC’s investigation uncovered pervasive and longstanding “off-channel” communications at all 11 firms. As described in the SEC’s orders, the firms admitted that from at least 2019, their employees often communicated through various messaging platforms on their personal devices, including iMessage, WhatsApp, and Signal, about the business of their employers. The firms did not maintain or preserve the substantial majority of these off-channel communications, in violation of the federal securities laws. By failing to maintain and preserve required records, certain of the firms likely deprived the Commission of these off-channel communications in various SEC investigations. The failures involved employees at multiple levels of authority, including supervisors and senior executives.
I’ve seen some people using this as yet another opening to bash encryption, but encryption is not the problem here at all. First of all, encryption did not stop these banks from getting caught and fined. Second, as noted up top, people are always going to try to figure out ways to communicate that isn’t recorded. These messaging apps were convenient.
Indeed, if anything, these fines should (hopefully?) serve to get employees at these banks to be much more careful about how they communicate to avoid future fines. I still expect there to be plenty of attempts to get around the regulatory requirements to preserve communications, and it seems likely that bankers are going to get used to making phone calls or talking in person since that can’t be preserved in the same manner.
But, really, any time you have regulations requiring such archiving of so many communications, you just know that this kind of thing is likely to happen. There’s a reason why these industries are so heavily regulated… but there’s also a reason why the people in those industries really don’t want their communications preserved for future legal enquiries. There’s no perfect answer here, but these kinds of fines, (which, in total, added up to over half a billion dollars) at least suggest that there are financial penalties available for the banks that basically go “off-channel” as a standard way of communicating.
Filed Under: banks, cftc, communications, encryption, preservation, sec
Companies: bnp paribas, sg americas, wells fargo
Congress And The SEC Are Getting Basically Everything Wrong In Trying To Respond To ‘Meme Stocks’
from the the-man-can't-meme dept
As you’ll recall, a year and a half ago, much of the world who didn’t live on the WallStreetBets forum were introduced to the concept of meme stocks. As we discussed at the time, much of the embrace of such stocks by retail investors was really about people who were fed up with feeling like the entire financial system was rigged against them, and in favor of those already rich and powerful. The underlying concept that drove much of the meme stock effort was about every day investors trying to assert some pushback on the underlying system.
That’s not to say that the meme stocks worked out well for everyone. Plenty of people did lose money, because that’s part of the nature of investing. There’s an underlying myth that the entirety of meme stock investing was about ignorant investors doing silly things, but doing so en masse to effectively counter for their own ignorance. And, surely, there were some retail investors who just went along for the ride, for the lolz, or whatever. But especially with the original meme stock, GameStop, the core of that deal was a retail investor who had done a ton of research, had a real game plan, and a real argument for why the stock was undervalued.
Ever since then, however, there’s been scrambling by “the system” to deal with “the problem” of meme stocks. And, yes, there are a lot of questionable underlying assumptions that meme stocks are, indeed, a problem. A few weeks ago, the SEC launched its very, very weird response to the whole meme stock thing by trying to create a meme of its own, with a very, very cringeworthy video called Investomania.
So… a few comments on this. First off, encouraging anyone who is looking to invest to do some research is a reasonable enough message on its own, but this is the exact wrong way to deliver this message. The people who are into meme stocks quite reasonably mocked the SEC mercilessly for this nonsense.
And, yes, I’m sure you can piece together the sad logic by SEC folks that resulted in them taking this approach: these are meme stocks, so the people who are interested in them like memes, so let’s create a meme! That’ll do it!
But, again, that totally misunderstands what’s going on here. The general focus of the meme stock world is sticking it to the system that is rigged against them. The SEC is the system. The SEC is the Man. Having the system you’re trying to stick it to, then turn around and suggest that everyone investing in meme stocks is an idiot who doesn’t do research not only gets the message wrong, it targets the message in exactly the wrong way.
The Man can’t meme about why those trying to stick it to the man shouldn’t fall for meme stocks.
Yes, people investing in stocks should do research, and you’re very likely to lose a lot of money just chasing after dumb ideas, but this video is not actually targeting the people who just go along for the ride, but rather the people who are doing their research and are trying to make a difference against the underlying rigged system — while the SEC seems to be pretending that the system is fine, it’s just you stupid retail investors who are the problem.
And… now it’s getting worse, because Congress is getting involved.
The U.S. House Committee on Financial Services on Friday called for the SEC, along with other regulators, to do more to protect the markets from similar events.
The impetus for change came from the so-called “Reddit rally” of January 2021, in which GameStop Corp and other “meme stocks” popular on social media surged to extreme highs on buying from investors trading heavily through Robinhood and other commission-free retail brokerages.
The intense volatility led to big losses for hedge funds that had bet against the meme stocks.
Notice the language here. “Protect the markets.” Because it was “the markets” that suffered? No, as later noted, it was some hedge funds that had bet against these stocks that lost. They don’t need to be protected.
All this kind of thing does is make people even more sure the system itself is rigged against the everday retail investor.
Now, there are reasonable concerns that the SEC has about “payment for order flow” and how that creates potentially questionable incentives for firms like Robinhood, which really pioneered the zero commission trade setup after realizing that they could just sell their deal flow through Citadel, allowing that firm to pre-run the market. The main issue there is that companies like Robinhood get paid more for a larger order flow, which gives them incentive to, in turn, encourage retail investors to trade more.
But, it’s reasonable to be skeptical about whether the SEC’s and Congress’ actual concerns are about systems that may encourage retail investors to trade too much… or if it’s really about “protecting the market” in the form of protecting the hedge funds that lost a bunch of money.
Filed Under: congress, meme stocks, payment for order flow, sec
Because Of Course: Trump's SPAC Deal May Have Broken The Law
from the on-brand dept
If you thought that Trump’s new Truth Social website’s potential legal problems with its apparent failure to abide by the license on the open source code it seems to be using would be the worst legal problems facing the site, well, you underestimated The Donald. There’s been plenty of talk about the SPAC deal that valued the company at billions of dollars through one of those reverse merger IPOs. But, now the NY Times is reporting that the way the deal was done may have violated securities laws. So on brand.
To get his deal done, Mr. Trump ventured into an unregulated and sometimes shadowy corner of Wall Street, working with an unlikely cast of characters: the former ?Apprentice? contestants, a small Chinese investment firm and a little-known Miami banker named Patrick Orlando.
Mr. Orlando had been discussing a deal with Mr. Trump since at least March, according to people familiar with the talks and a confidential investor presentation reviewed by The New York Times. That was well before his SPAC, Digital World Acquisition, made its debut on the Nasdaq stock exchange last month. In doing so, Mr. Orlando?s SPAC may have skirted securities laws and stock exchange rules, lawyers said.
SPACs sell their shares to investors through an initial public offering and then find a private company with which to merge. Because SPACs are empty vessels, stock exchanges allow them to list their shares without disclosing much financial information. But that creates opportunities for SPACs to serve as backdoor vehicles for companies to go public without receiving the kind of investor scrutiny they would in a traditional listing. To prevent that, SPACs aren?t supposed to have a merger planned at the time of their I.P.O.
Ooops.
And it gets worse:
Another issue is that Digital World?s securities filings repeatedly stated that the company and its executives had not engaged in any ?substantive discussions, directly or indirectly,? with a target company ? even though Mr. Orlando had been in discussions with Mr. Trump.
Given the politically fraught nature of a deal with Mr. Trump, securities lawyers said that Digital World?s lack of disclosure about those conversations could be considered an omission of ?material information.?
You don’t say.
Of course, given all this, how much do you want to bet that it would be Orlando on the hook for this, rather than Trump? Either way, the NY Times has more details suggesting that, despite Digital World insisting that it didn’t have any acquisition deals in place, everyone in Trump world was blabbering on about the SPAC deal they had set to go.
In early July, Phillip Juhan, a former financial analyst who had also been an executive at a bankrupt fitness company, was introducing himself to people as Trump Media?s chief financial officer. He said the company was in an ?exclusive agreement? with a SPAC, according to one of the people.
So now the question is, which is going to be more of a problem for Trump’s new operation? The Software Freedom Conservancy (SFC) or the SEC?
Filed Under: donald trump, patrick orlando, sec, spac
Companies: digital world acquisition, tmtg, truth social
SEC Sues AT&T For Leaking Info To Analysts To Cover Up Drooping Smartphone Sales
from the free-ride-appears-to-be-over dept
Wed, Mar 10th 2021 06:31am - Karl Bode
AT&T had a damn good ride during the Trump administration. Not only did it convince Trump regulators to effectively lobotomize the nation’s top telecom regulator (right before a pandemic, no less), the company got billions in tax breaks for doing effectively nothing. And while the government did sue AT&T over the Time Warner merger, that had more to do with making Rupert Murdoch happy than making life hard on AT&T (AT&T won the lawsuit anyway). All told, AT&T nabbed billions upon billions in regulatory favors, merger approvals, and tax breaks. In exchange the US public saw…58,000 layoffs.
As another indication that AT&T’s good times may be slowing down, the SEC filed suit against AT&T this week, accusing the telecom giant of leaking cell phone sales information to analysts and reporters to change their revenue forecasts for the company. This, in turn, let AT&T “beat” analysts’ revenue forecasts in the first quarter of 2016, according to the SEC complaint (pdf). Technically, the SEC says AT&T violated the Securities Exchange Act and the SEC’s Regulation “fair disclosure” rules, which “prohibit selective disclosures by issuers of material nonpublic information to securities analysts.”
Granted, this will now see a year+ of litigation ending it a tiny, pathetic fine (that could then be negotiated away to nothing), but it’s still interesting to see regulators trying. From the SEC announcement:
“The SEC remains committed to assuring an even playing field by taking appropriate action, including litigation when necessary, against public companies and their executives who selectively disclose material nonpublic information,” added Melissa R. Hodgman, Acting Director of the Division of Enforcement.”
Note that this four year investigation saw no charges during the Trump administration. Something AT&T tries to claim suggests that the company is innocent in a press release:
“AT&T claimed in a response Friday that “there was no disclosure of material nonpublic information and no violation” and said it will fight the lawsuit. AT&T also said that the SEC “spen[t] four years investigating this matter,” but no charges were brought during the Trump administration. The lawsuit was filed about six weeks after President Biden appointed Democrat Allison Lee as acting chair for the SEC; although the SEC is an independent agency, its commissioners and chair are appointed by the president.”
Granted I’ve spent several decades watching AT&T get “creative” in terms of earnings reports, particularly when it came to trying to hide the company’s traditional broadband subscriber losses due to a lack of upgrades. This is also the same company that professed its innocence when it was sued by the US government for ripping off the hearing impaired, making bills more complicated so it would be easier for “crammers” to rip off its customers, turning a blind eye as drug dealers ran scams on its directory assistance customers, and for ripping off a program for low income Americans, so context matters.
Filed Under: fair disclosure, revenue forecasts, sec
Companies: at&t
A Legal Fight Against The SEC May Represent Our Last Hope For An Open, Distributed Internet
from the pay-attention dept
Let’s get this out of the way up top: yes, many cryptocurrencies and “Initial Coin Offerings” (ICO’s) were complete scams, designed to dupe people out of billions of dollars. It’s entirely reasonable to call those out, and to argue that there should be some significant regulatory oversight of such scams. However, it is also possible to believe that an overreaction to such scams could kill off a nascent attempt to rebuild a truly open and distributed internet. For years now, I’ve been talking about why we could better fulfill the dream of an open, distributed internet if we were to move to a world of protocols, not platforms, and in a more recent post, I’ve discussed some policy proposals to help the world move in that direction — with the final one concerning the SEC, and getting it to stop looking at cryptocurrencies solely as a financial instrument nearly identical to a security. This is not to avoid all scrutiny of cryptocurrencies. But having a working cryptocurrency system in which the success of a protocol can be driven by its actual usage and development, rather than ads or “surveillance capitalism”, would benefit massively from more freedom to experiment.
While it does not appear that, by itself, it will be that successful, a few years back the social network/messaging app Kik started an experiment in this space, raising $100 million with an ICO and designing it so that its “Kin” tokens could be used to reward developers who build services. The company has put some effort into encouraging developers to build within its ecosystem, and for others to use the Kin tokens as currency.
However, mostly behind the scenes, Kik and the SEC have been having a bit of a fight over whether or not the ICO was an unregistered securities sale. Back in January, the company revealed that it had been negotiating with the SEC over the whole thing.
The SEC isn?t accusing Kik of fraud, Mr. Livingston said. Rather, its enforcement division believes Kik failed to register the sale with the SEC and thus didn?t give investors the proper information. The agency?s enforcement action must be authorized by the SEC?s commissioners, and it?s unknown whether they have voted to authorize the litigation.
[….]
The SEC says most digital tokens are covered by a 73-year-old Supreme Court decision that defined which investments are considered securities. Many tokens meet the court?s test because they can be traded for profit, and their value is tied to the performance of the startup that sold them, regulators say.
In a 39-page rebuttal on Dec. 10 to the SEC, Kik argued the sale terms, in fact, don?t constitute an investment contract, and investors weren?t led to expect to profit on their purchase of kin.
?Bringing the proposed enforcement action against Kik and the foundation would amount to doubling down on a deeply flawed regulatory and enforcement approach,? the company?s lawyers wrote, according to copy of the rebuttal reviewed by the Journal.
Since that time, the two sides have continued to negotiate, with Kik basically now admitting it wants a judge to weigh in because it can’t get the SEC to see things its way. It has announced that it has set aside $5 million to go to court with the SEC over this matter (and is asking for further donations).
Despite the fact that last month over 300,000 people earned and spent Kin as a currency, the SEC is still saying that it might be a security. After months of trying to find a reasonable solution, Kin has been unable to reach a settlement that wouldn?t severely impact the Kin project and everyone in the space. So Kin is going to take on the SEC in court to make sure there is a foundation for innovation going forward.
As the company notes, the current ambiguity is acting as a real “innovation tax” in the space. Many companies are refusing to experiment with these kinds of offerings, or even to work with existing tokens, out of fear of how an SEC might completely upend the space with a decision one way or the other. Indeed, in a recent talk by SEC Commissioner Hester Peirce (who is supportive of more experimentation with crypto), she very clearly worries about how ambiguities in the way the SEC has acted over the last couple of years will stifle innovation. The speech notes that the SEC has mostly avoided heavy handed regulation in the space, but that it has not done much to help actually clarify the rules.
The SEC staff recently issued a framework to assist issuers with conducting a Howey analysis of potential token offerings. The document is a thorough 14 pages. It points to features of an offering and actions by an issuer that could signal that the offering is likely a securities offering. If this framework helps issuers understand what the different Howey factors might look like in an ICO context, it may be valuable. I am concerned, however, that it could raise more questions and concerns than it answers.
While Howey has four factors to consider, the framework lists 38 separate considerations, many of which include several sub-points. A seasoned securities lawyer might be able to infer which of these considerations will likely be controlling and might therefore be able to provide the appropriate weight to each. Whether the framework gives anything new to the seasoned securities lawyer used to operating in the facts and circumstances world of Howey is an open question. I worry that non-lawyers and lawyers not steeped in securities law and its attendant lore will not know what to make of the guidance. Pages worth of factors, many of which seemingly apply to all decentralized networks, might contribute to the feeling that navigating the securities laws in this area is perilous business. Rather than sorting through the factors or hiring an expensive lawyer to do so, a wary company may reasonably decide to forgo certain opportunities or to pursue them in a more crypto-friendly jurisdiction overseas.
On the same day the Corporation Finance staff issued the Framework, the staff also issued the first token no-action letter in response to an inquiry from TurnKey Jet, a charter jet company. The company intended to effectively tokenize gift cards. Customer members could purchase tokens that would be redeemable, dollar for dollar, for charter jet services. The tokens could be sold only to other members. This transaction is so clearly not an offer of securities that I worry the staff?s issuance of a digital token no-action letter?the first and so far only such letter?may in fact have the effect of broadening the perceived reach of our securities laws. If these tokens were securities, it would be hard to distinguish them from any medium of stored value. Is a Starbucks card a security? If we are going that far, I can only imagine what name the barista will write on my coffee cup.
And yet, the staff?s letter did not stop at merely stating that the token offering would not qualify as a securities offering, but highlighted specific but non-dispositive factors. In other words, the letter effectively imposed conditions on a non-security. For example, the staff?s response prohibits the company from repurchasing the tokens unless it does so at a discount. Further, as I mentioned earlier, the incoming letter precluded a secondary market that includes non-members. Does that mean that a company that chooses to offer to repurchase gift cards at a premium or that allows gift card purchasers to sell or give them to third parties needs to call its securities lawyer to start the registration process?
As Peirce notes, there are still so many hugely open questions, and the potential liability for getting any of these wrong is clearly holding back many possible innovations that could be quite important to a more distributed, more open, internet. After listing out a bunch of unanswered questions, she notes:
On these points, the SEC has been nearly silent. This silence may ultimately be deadly. An issuer can conduct a private securities offering with no SEC involvement. The rules that distinguish a private from a public offering focus on the offerees and investors. The form that the security is in?whether shares of common stock or interests in orange groves?has no bearing on how the rules operate. The rules that govern broker-dealers, investment advisers, auditors, and trading platforms are different. They govern the ownership, storage, and exchange of securities?exactly the aspects of digital assets that the crypto industry seeks to transform. A broker or adviser cannot custody an asset if it does not know how to show it has possession and control of the asset. An auditor must be able to review and verify the actual transactions.
Additionally, while issuers that rely on the private offering exemption do not need SEC permission to issue securities, a platform cannot trade securities unless it is registered with the SEC as an exchange or an alternative trading system. A broker-dealer generally must register with the SEC and FINRA.
The SEC has yet to provide guidance to the public or FINRA on any of the core questions. The result is that many would-be brokers and trading platforms are stuck in a frustrating waiting mode; they are unable to get clear answers to questions about how they may proceed in this market.
This is why Kik/Kin going to court to force the SEC to make some decisions is so important here. Venture capitalist Fred Wilson put up a blog post explaining why:
Sadly, the SEC looks at crypto tokens and sees securities that they want to regulate as such. They cannot seem to understand that not all of these assets are securities, they cannot seem to understand that most are commodities, currencies, or utilities like frequent flyer miles. They cannot understand that crypto tokens are unlike any assets that have come before them and that crypto tokens need new regulatory structures. They cannot understand that their unwillingness to come up with new rules paired with their ?regulate by enforcement? strategy is hurting the crypto sector, pushing it offshore, and is causing most of the new projects to raise capital outside of the US and/or put together legal structures that look like Frankenstein monsters.
None of this is an attempt to argue that there shouldn’t be any oversight over cryptocurrencies. Clearly, and obviously, there have been many that are little more than ponzi schemes and get rich quick cons. The entire space will benefit from some clear rules that enable greater experimentation with things like helping to fund protocols via such tokenization — but the SEC’s overall approach to date has been one where it seems on the one hand to be afraid to do anything at all other than make scary noises and threats, and on the other to be hinting that any new cryptocurrency offering should have to go through an FDA-like approval process before it might hit the market. This is an untenable position.
I have my doubts as to whether the Kik/Kin approach to cryptocurrency will itself work. But its legal fight is an important one, if you’d like to see a better decentralized internet. Dealing with scams is one thing, but if every new platform startup needs to go through the regulatory rigmarole as if it were a company preparing to go public, that would be a massive chill on innovation and experimentation. There needs to be a better, more permissionless manner of exploring these ideas, so what happens with Kik’s legal challenge here will ultimately be extremely important for the future of a world of protocols over platforms.
Filed Under: cryptocurrency, distributed internet, kin, protocols, regulations, sec
Companies: kik, kin
Congress Tries Once Again To Require Warrants To Search Emails
from the will-it-actually-happen? dept
The efforts to reform ECPA — the Electronic Communications and Privacy Act — have been going on for basically two decades at this point. The law, which was passed in 1986, has a whole bunch of problems, with the biggest one (as we’ve discussed dozens of times) being that it considers any email that’s been on a server for more than 180 days “abandoned,” and thus freely searchable by law enforcement without a warrant. That’s because there was no concept of cloud computing back in 1986. People who got email “retrieved” those emails off of a server and downloaded them to local storage. Many in Congress have been trying to fix this for so, so, so many years. And it always gets blocked. The IRS and the SEC have both been fairly proactive in trying to block ECPA reform bills that will require a warrant (funny: I thought it was the 4th Amendment that made such a warrant necessary, but, silly me, no one cares about the 4th Amendment any more).
Last year, a plan to fix ECPA, called the Email Privacy Act, with an astounding 315 co-sponsors, passed the House unanimously. As we noted at the time, this is fairly incredible. In these contentious times — especially on issues related to surveillance and law enforcement — to have a unanimous vote on a law that says “get a warrant” if you want access to emails, is quite incredible. But, of course, even with that much support on that side of Congress, the Senate has a way of killing ECPA reform each and every year. Last year, a few Senators — including Jeff Sessions, who is likely to be our next Attorney General — tried to bury it with ridiculous amendments that would expand surveillance.
On Monday, the reintroduced Email Privacy Act easily passed the House via a voice vote, showing that our Congressional Members still recognize how important this is. Of course, now it gets to go back to the Senate, and we saw how well that worked last year. And then we have to believe that President Trump will sign the bill. Stranger things have happened, of course, but it still seems like a longshot that real ECPA reform will become law this year. It’s great that Rep. Kevin Yoder, along with Reps. Jared Polis, Bob Goodlatte, John Conyers, Ted Poe, Suzan DelBene, Will Hurd, Jerry Nadler, Doug Collins and Judy Chu keep pushing this bill. I disagree with many of the folks on that list on a number of other issues we cover, but the fact that they’re willing to support basic 4th Amendment concepts for email is worthy of recognition. Now, hopefully, the Senate won’t try to muck it up again.
Filed Under: 4th amendment, ecpa, ecpa reform, email, email privacy act, irs, kevin yoder, sec, warrants
SEC And Chuck Grassley Still Trying To Stop Email Privacy Act That Got UNANIMOUS Support In The House
from the because-fuck-the-4th-amendment,-that's-why dept
Hey, remember last week, when lots of folks were super excited about the US House of Representatives unanimously voting in favor of the Email Privacy Act? They voted 419 to 0. That kinda thing doesn’t happen all that often. I mean, sure it happens when condemning ISIS, but they couldn’t even make it when trying to put sanctions on North Korea. Basically, something needs to be really, really screwed up to get a unanimous vote in the House. And the Email Privacy Act, which goes a long way (though not far enough) towards fixing ECPA (the Electronic Communications Privacy Act of 1986) that makes it way too easy for the government to snoop on your electronic communications, actually got that unanimous vote.
So it should be moving forward and well on its path to becoming law, right? Right?!? Well… about that. You see, as we’d mentioned in the past, the SEC has been the main voice of opposition to the Email Privacy Act, since it (along with the IRS), kinda like the fact that they can snoop through emails without a warrant. Never mind that it’s probably unconstitutional, it makes their jobs so much easier. And, really, isn’t that the important thing?
Apparently, Senator Chuck Grassley thinks so. And, hey, bad luck for, well, everyone, because Grassley just happens to be the guy in charge of moving the bill forward on the Senate side. And he’s not having any of it right now, claiming that there are “concerns” about the bill:
?Members of this committee on both sides of the aisle have expressed concerns about the details of this reform, and whether it?s balanced to reflect issues raised by law enforcement,? said Sen. Charles Grassley, the chairman of the Senate Judiciary Committee, on Thursday.
Concerns? It didn’t seem like anyone in the House was concerned about it because (I should remind you) it passed unanimously. And that’s because it’s really only making fairly common sense changes to the law to require a warrant (as required by the 4th Amendment) to snoop on emails.
And just what “law enforcement” issues have been raised? Sounds like it’s our friends at the SEC yet again:
The Securities and Exchange Commission is still fighting a House-passed bill to require law enforcement to get a warrant before obtaining messages from email providers. ?[The Email Privacy Act] would create a dangerous digital shelter for fraudsters,? SEC Enforcement Director Andrew Ceresney said in a statement to POLITICO. ?The privacy interests the bill addresses can be fully achieved without blocking civil law enforcement agencies like the SEC from obtaining the evidence it needs to protect investors.?
No. Actually, it doesn’t create a “digital shelter for fraudsters.” That’s SEC Enforcement Director Andrew Ceresney lying through his teeth. It just means that the 4th Amendment needs to be obeyed when obtaining emails that are hosted on cloud providers. Just like a warrant is needed to obtain someone’s personal papers. It’s not creating a digital shelter. It’s harmonizing the rules for digital content so they match the rules for physical documents and communications. And, in doing so, protecting the privacy and the very concept of the 4th Amendment.
Either way, all that momentum in the House may be for nothing if the SEC and Grassley get their way.
Filed Under: chuck grassley, congress, ecpa, ecpa reform, email, email privacy act, house, irs, privacy, sec, senate
Congress Might Actually Be Moving Forward On Fixing Outdated Email Privacy Law!
from the didn't-see-that-coming dept
We’ve been talking about and asking for ECPA reform for many, many years, and it might finally be moving forward. ECPA is the Electronic Communications Privacy Act, which details how the government can get access to your electronic communications. The law was written in the early 1980s, and as you’ve probably noticed, we live in a very different world these days as it pertains to electronic communications. One key example: the law says that messages left on a server for more than 180 days are considered abandoned and can be searched without a warrant. That may have made some sense (though, not really) in a client-server era, where everyone downloaded their messages leading to them being deleted from a server, but it makes no sense at all in an era of cloud computing.
The main foes against updating ECPA have been government agencies that have investigatory powers, but not the ability to get a warrant — mainly the SEC and the IRS, with the SEC being the real stumbling block. The SEC really liked the fact that it could snoop through emails without a warrant. So, even with massive support in Congress, ECPA reform never went anywhere.
So it was a bit surprising to folks this week to see Rep. Bob Goodlatte announce that the Judiciary Committee will now markup the ECPA reform bill, meaning that the bill is moving forward again. It’s not entirely clear why it’s happening now, but at the very least, it sounds like the SEC’s constant protests may no longer be an obstacle. Hopefully it does move forward, and whatever results from the process leads to much stronger privacy protections on electronic communications, such as actually requiring a warrant, like the 4th Amendment says should happen.
Filed Under: bob goodlatte, ecpa, ecpa reform, electronic communications, email, irs, judiciary committee, markup, sec, surveillance