Summary
explaining that the SEC's theory rests on "two undisputed events: the fact of the hack, and the proximity to the hack of the trades by [defendant,] who was the only individual to trade heavily in IMS Health put options subsequent to the hack"
Summary of this case from S.E.C. v. DorozhkoOpinion
No. 07 Civ. 9606 (NRB).
January 8, 2008
Carl Alan Tibbetts, Paul Alan Gumagay, U.S. Securities and Exchange Commission, Washington, DC, Robert B. Blackburn, U.S. Securities and Exchange Commission, New York, NY, for Plaintiff.
Charles Albert Ross, Christopher L. Padurano, Charles A. Ross Associates, LLC, New York, NY, for Defendant.
MEMORANDUM AND ORDER
Presently before the Court are (1) the Securities and Exchange Commission's ("SEC") motion for a preliminary injunction freezing the proceeds of trades in put options of IMS Health Inc. ("IMS Health") stock executed on October 17-18, 2007 by Oleksandr Dorozhko, and (2) defendant Dorozhko's motion to dismiss the complaint, pursuant to Fed.R.Civ.P. 12(b)2, 12(b)6, and 9(b). Dorozhko is a Ukranian national and resident who has asserted a Fifth Amendment privilege not to testify in this matter.
On October 29, 2007, the SEC filed the instant complaint alleging that Dorozhko violated § 10(b) of the Securities Exchange Act of 1934 ("Exchange Act") ( 15 U.S.C. § 78j (b)), and Rule 10b-5 promulgated thereunder ( 17 C.F.R. § 240.10b-5) by either hacking into a computer network and stealing material non-public information, or through a more traditionally-recognized means of insider trading such as receiving a tip from a corporate insider. (Complaint ¶ 3.) On the same date, the SEC applied for, and this Court granted, a temporary restraining order freezing the proceeds of Dorozhko's trades.
At a preliminary injunction hearing held before this Court on November 28, 2007, the SEC presented evidence that Dorozhko hacked into the computer network of Thomson Financial ("Thomson Financial") at 2:15:28 p.m. (EST) on October 17, 2007. The SEC presented computer logs that showed that at 2:15:28 p.m., an unauthorized user gained access to IMS Health's soon-to-be-released negative earnings announcement, which was scheduled to be released to the public later that day at around 5:00 p.m. The SEC further showed that approximately 35 minutes after the hack occurred, and just a matter of hours before the information was to be released to the public, Dorozhko, who had recently opened an online brokerage account but had not yet used the account, purchased $41,670.90 worth of October 25 series and October 30 series put options in IMS Health stock. The purchases represented about 90% of all customer purchases of the October 25 and October 30 put options of IMS Health stock for the entire six week period between September 4, 2007 and October 17, 2007. (Complaint ¶ 19.) The very next morning, when the market opened, Dorozhko sold the options for $328,571.00, a return overnight of 697%.
See SEC Preliminary Injunction Hr'g Ex. 2, a computer log of unauthorized access into the IMS Health website at Thomson Financial.
The conclusion that Dorozhko is the likely hacker is the result of two undisputed events: (1) the fact of the hack, and (2) the proximity to the hack of the trades by Dorozhko who was the only individual to trade heavily in IMS Health put options subsequent to the hack. As discussed more fully below, the barrier to issuing a preliminary injunction at this stage in the proceedings is that the alleged `hacking and trading' — while illegal under any number of federal and/or state criminal statutes — does not amount to a violation of § 10(b) of the Exchange Act under existing case law. For, as the SEC even acknowledges, in the 74 years since Congress passed the Exchange Act, no federal court has ever held that the theft of material non-public information by a corporate outsider and subsequent trading on that information violates § 10(b). Uniformly, violations of § 10(b) have been predicated on a breach of a fiduciary (or similar) duty of candid disclosure that is "in connection with" the purchase or sale of securities. See, e.g., Chiarella v. United States, 445 U.S. 222, 227-30, 100 S.Ct. 1108, 63 L.Ed.2d 348 (1980); United States v. O'Hagan, 521 U.S. 642, 653-660, 117 S.Ct. 2199, 138 L.Ed.2d 724 (1997); S.E.C. v. Zandford, 535 U.S. 813, 825, 122 S.Ct. 1899, 153 L.Ed.2d 1 (2002); see also Regents of University of California v. Credit Suisse First Boston (USA) Inc., 482 F.3d 372, 389 (5th Cir. 2007). To eliminate the fiduciary requirement now would be to undo decades of Supreme Court precedent, and rewrite the law as it has developed. It is beyond the purview of this Court to do so.
See infra. The conduct alleged might violate the computer fraud statute, 18 U.S.C § 1030(a)(4), and the mail and wire fraud statutes, 18 U.S.C. § 1341 et seq.
This case highlights a potential gap arising from a reliance on fiduciary principles in the legal analysis that courts have employed to define insider trading, and courts' stated goal of preserving equitable markets. See generally Affiliated Ute Citizens of Utah v. United States, 406 U.S. 128, 151, 92 S.Ct. 1456, 31 L.Ed.2d 741 (1972) (noting that federal securities law should be "construed not technically and restrictively, but flexibly to effectuate its remedial purposes") (citations omitted). Yet, on further consideration, the gap is not as troublesome as it may appear, since the government retains ample methods of combating inequitable practices of the kind alleged here. Indeed, we would not have to address the tension between the fiduciary requirement and the goal of preserving fair and open markets had the SEC acted on this Court's suggestion at the November 28, 2007 preliminary injunction hearing that a way to avoid a decision that would result in the release of the restrained trading proceeds was to refer this matter to the United States Attorney's Office for criminal investigation. Based on the evidence provided at the November 28, 2007 hearing there would appear to be sufficient basis to conclude that Dorozhko's hack violated the Computer Fraud and Abuse Act, 18 U.S.C. § 1030(a)(4), the mail fraud statute, 18 U.S.C. § 1341 et seq., and the wire fraud statute, 18 U.S.C. § 1341 et seq. See, e.g., Physicians Interactive v. Latkian Systems, Inc., No. 03-1193-A, 2003 WL 23018270, *1 (E.D.Va. Dec. 5, 2003) (granting a temporary restraining order and preliminary injunction under 18 U.S.C. § 1030 because the defendant hacked into a restricted website and stole confidential information). The U.S. Attorney's Office has authority to seize Dorozhko's trading proceeds under 18 U.S.C. § 981(b).
However, since the SEC has apparently declined, for whatever reason, to involve the criminal authorities in this case, we must address an inconvenient truth about our securities laws — an issue that has sent Supreme Court justices into dissent, see Chiarella, 445 U.S. at 245, 100 S.Ct. 1108 (1980) (Blackmun, J. dissenting) and provoked numerous law review articles. See, e.g., Robert A. Prentice, The Internet and Its Challenges for the Future of Insider Trading Regulation, 12 Harv. J.L. Tech 263, 296-307 (Winter 1999).
Upon a searching review of existing case law, and for the reasons that follow, we believe that we are constrained to hold that Dorozhko's alleged `stealing and trading' or `hacking and trading' does not amount to a violation of § 10(b) and Rule 10b-5 because Dorozhko did not breach any fiduciary or similar duty "in connection with" the purchase or sale of a security. Although Dorozhko may have broken the law, he is not liable in a civil action under § 10(b) because he owed no fiduciary or similar duty either to the source of his information or to those he transacted with in the market. See O'Hagan, 521 U.S. at 656, 117 S.Ct. 2199. As the Supreme Court famously held in Chiarella, and has reaffirmed since, "one who fails to disclose material information prior to the consummation of a transaction commits fraud only when he is under a duty to do so." 445 U.S. at 228, 100 S.Ct. 1108; see also O'Hagan, 521 U.S. at 654-56, 117 S.Ct. 2199.
Thus, we deny the SEC's motion for a preliminary injunction, but we stay the effect of our order until January 14, 2007 to allow SEC to seek a stay pending appeal from the Court of Appeals pursuant to Fed.R.App.P. 8(a)(2).
We also deny Dorozhko's motion to dismiss the complaint at this time as the SEC's complaint adequately pleads a traditional theory of liability under § 10(b), in addition to its novel `hacking and trading' theory, and we believe that the SEC should be allowed to conduct discovery to ascertain whether Dorozhko's trading was the product of a tip from a corporate insider.
FACTS
Defendant Oleksandr Dorozhko is a selfemployed Ukranian national residing in Uzhgorod, Ukraine. (Second Declaration of Paul A. Gumagay, Counsel to the SEC, in Support of a Preliminary Injunction ¶ 3 and Ex. B attached thereto; see also Second Gumagay Decl. ¶ 4 and Ex. C.) On or about October 4, 2007, Dorozhko wiretransferred $42,500 to Interactive Brokers LLC ("Interactive Brokers"), a registered broker-dealer based in Greenwich, Connecticut, to open an online trading account. (Second Gumagay Decl. ¶¶ 4-5 and Ex. C-D.) In his application to open the account, Dorozhko represented that he had an annual income in the range of $45,000 — $50,000, and a net worth in the range of $100,000 — $250,000. (Second Gumagay Decl. ¶ 4 and Ex. C.)
IMS Health is a publicly-traded company headquartered in Norwalk, Connecticut. On October 17, 2007, IMS Health planned to announce its earnings for its 2007 fiscal year at about 5:00 p.m. (EST) after the close of markets. (Declaration of Michael Fox, Director of Employee and Executive Communications at IMS Health, ¶ 4.) Specifically, IMS Health was set to announce negative earnings growth, a performance well below consensus analyst estimates. ( Id.) Although there had been some minor speculation on a health care blog and in an industry chat room back in September 2007 that certain of IMS Health's clients were having reporting errors with IMS market-share data (Dorozhko Reply Memorandum of Law in Further Support of Motion to Dismiss Ex. 5), there were no major media or analyst reports around the time anticipating negative earnings. (Fox Decl. ¶ 4.) In fact, in the months leading up to the release of IMS Health's third-quarter earnings, analysts had rated IMS Health shares as "market perform" and "peer perform"; and one major analyst had upgraded the stock. (Dorozhko Preliminary Injunction Hr'g ("Hr'g") Ex. D.)
For several years, Thomson Financial, a division of the Thomson Corporation, has hosted IMS Health's investor relations website, and provided secure webcasting and audiocasting services for IMS Health's public release of earnings information. (Hr'g Tr. at 23, 28.) Thomson Financial provides similar services to many Fortune 500 companies. (Hr'g Tr. at 24-25.) Before it releases its earnings reports through Thomson Financial, IMS Health routinely publicizes the date, time, and internet location for its conference call/web-cast. (Hr'g Tr. at 69.) Thus, as early as October 9, 2007, IMS Health had publicly disclosed that it would announce its third quarter earnings on October 17, 2007 at around 5:00 p.m. (EST) on the IMS Health website at Thomson Financial. (Hr'g Tr. at 69-70; Dorozhko Hr'g Ex. A.)
On the date of the release, October 17, 2007, at 8:06 a.m. (EST), a computer hacker from Internet Protocol address ("IP address") 83.98.156.219 began probing the IMS Health website at Thomson Financial. (SEC Hr'g Ex. 2; Hr'g Tr. at 35.) Since Thomson Financial had not yet received the earnings report from IMS Health, the hacker's attempt to retrieve information was unsuccessful. (Hr'g Tr. at 35, 49.) Three times thereafter, at 12:10 p.m., 12:51 p.m., and 1:52 p.m. respectively, the same IP Address attempted to access the information, to no avail. (SEC Preliminary Injunction Hr'g Ex. 2; Hr'g Tr. at 38.)
The IP address is registered in the Netherlands, but the actual user could be anywhere due to a location-hiding technique called "spoofing."
At 2:01 p.m., IMS Health sent Thomson Financial PowerPoint slides containing its earnings report. (SEC Hr'g Ex. 1; Fox. Decl. ¶ 6.) Upon receiving the slides, Thomson Financial transformed the slides into a certain proprietary format, and, using a custom tool, uploaded the slides to an internal secure server where they were staged and waiting to be uploaded for public viewing at 5:00 p.m. Thomson completed this process quickly, and had the slides uploaded on to its own internal server by around 2:08 p.m. (SEC Post-Hearing Memorandum of Law at 4.) Both IMS Health and Thomson Financial expected the slides to remain confidential until 5:00 p.m., and had established procedures to provide security. (Hr'g Tr. at 24, 49-51.)
At 2:15.01 p.m., the hacker from IP Address 83.98.156.219 again probed the Thomson Financial network, and this time discovered that Thomson Financial had received the slides and uploaded them to the secure site. (SEC Hr'g Ex. 2; Hr'g Tr. at 32-38.) Within 27 seconds, starting at 2:15:28 p.m., the hacker managed to breach Thomson Financial's security system and began viewing the slides. By 2:18:43, the hacker had downloaded or viewed all the slides containing IMS Health earnings report. ( Id.)
While the hacker's IP address has not been traced at this stage, the circumstantial evidence pointing to Dorozhko as the hacker is powerful. At 2:52 p.m., less than thirty minutes after the hacker breached security at Thomson Financial, Dorozhko, who had yet to trade in the account he had opened at Interactive Brokers, began using his account at Interactive Brokers to buy all available put options in IMS Health. Within 14 minutes, by 3:06 p.m., Dorozhko had bought $41,670.90 worth of IMS Health put options. He bought 300 options with a strike date of October 25, and 330 options with a strike date of October 30. (Declaration of Martin John Ward, Compliance Counsel to Interactive Brokers, ¶ 10 and Ex. 5.)
Dorozhko's purchases represented about 90% of all purchases of the October 25 and October 30 put options of IMS Health stock for the entire six week period between September 4, 2007 and October 17, 2007. (Complaint ¶ 19.) Based on the representations Dorozhko made to Interactive Brokers when he opened his account, these purchases were approximately equivalent to his annual income, and at the very least one fifth of his net worth. Perhaps most tellingly, Dorozhko stood to lose money on some of the trades unless the price of IMS Health stock declined dramatically in two days. The options that Dorozhko purchased were American-style options, which expire on the Saturday following the third Friday of the month, or, in this case, two days after Dorozhko bought them, on October 19. (Hr'g Tr. 111-113.) Many of the options Dorozhko bought had strike prices below the current price of IMS Health stock ("out-of-themoney options"), some even as much as 20% below October 17th levels. Therefore for Dorozhko to have made a profit on these out-of-the-money options, the share price of IMS health would have had to decline suddenly and dramatically. ( Id.)
At 4:30 p.m., the close of market, IMS Health shares were trading at $29.56. (Second Gumagay Decl. ¶ 2, and Ex. A.) At 4:33 p.m., IMS Health released its third quarter earnings to the public. The report showed GAAP (Generally Accepted Accounting Principles) earnings of only $0.29 per share, 28% below analyst consensus estimates, and 15% below the previous year's third-quarter earnings. (Second Gumagay Decl. ¶¶ 8-9 and Exs. G-H.)
The trading volume for the day had been 832,500 shares. (Second Gumagay Decl. ¶ 2, and Ex. A.)
The market reacted severely when it opened at 9:30 a.m. the following morning, October 18, 2007. IMS Health's stock price plunged 28% almost immediately, to $21.20 per share, the steepest decline in the stock's 52-week trading history. (Second Gumagay Decl. ¶ 12 and Ex. A.) At 9:35 a.m., Dorozhko began selling the put options he had purchased the previous day. Within six minutes, by 9:41 a.m., he had sold all of his 630 IMS Health put options, and realized proceeds of $328,5781.00, or a net profit of $286,456.59 overnight. (Second Gumagay Decl. ¶ 10, and Ex. I.)
IMS Health stock eventually closed on October 18 at $23.12 per share, still 22% percent off the previous day's closing price. Trading volume was more than 23 million shares, an increase of 2,735% from the previous day.
Almost immediately thereafter, Interactive Brokers froze Dorozhko's account pending an internal investigation. (Ward Decl. ¶ 14; Hr'g. Tr. at 105.) At some point, Interactive Brokers also referred the matter to the SEC. ( Id.) On October 29, 2007, the SEC filed an emergency application in this Court, seeking a temporary restraining order freezing the proceeds of the trades and granting other miscellaneous relief. This Court granted a temporary restraining order, and held a preliminary injunction hearing on November 28, 2007.
At the close of the hearing, we asked both parties to submit supplemental briefs on the question of whether the alleged `stealing and trading' or `hacking and trading' constitutes a violation of § 10(b) and Rule 10b-5.
Discussion
The standard for obtaining a preliminary injunction is well-established. Ordinarily, "a plaintiff must show irreparable harm absent injunctive relief, and either a likelihood of success on the merits, or a serious question going to the merits to make them a fair ground for trial, with a balance of hardships tipping decidedly in plaintiff's favor." Louis Vuitton Malletier v. Dooney Bourke, Inc., 454 F.3d 108, 114 (2d Cir. 2006). Since the SEC is not "an ordinary litigant, but . . . a statutory guardian charged with safeguarding the public interest in enforcing the securities laws," its burden to secure temporary relief is less than that of a private party. SEC v. Management Dynamics, Inc., 515 F.2d 801, 808 (2d Cir. 1975). Accordingly, the SEC is entitled to entry of temporary and preliminary injunctive relief upon "a substantial showing of likelihood of success as to both a current violation and the risk of repetition." SEC v. Cavanagh, 155 F.3d 129, 132 (2d Cir. 1998) (citing SEC v. Unifund SAL, 910 F.2d 1028, 1039-40 (2d Cir. 1990)).
Thus, the relevant question is whether the SEC has made a substantial showing of the likelihood of a violation of § 10(b) and Rule 10b-5. To answer this question, we examine the text of § 10(b), the interpretive case law, and then turn to a history of the regulation of insider trading.
We note that there is no question that irreparable harm may be suffered by the plaintiff here, since Dorozhko is a foreign national with no history of contacts with the United States. If the proceeds of his trades are unfrozen, it is reasonable to conclude that it is unlikely that the SEC will be able to recapture the funds.
A. Violations of Section 10(b) Require A "Manipulative or Deceptive Device"
As in all cases involving statutory interpretation, the appropriate starting point is the text of the statute itself. Central Bank of Denver v. First Interstate Bank of Denver, 511 U.S. 164, 172-73, 114 S.Ct. 1439, 128 L.Ed.2d 119 (1994); Ernst Ernst v. Hochfelder, 425 U.S. 185, 197, 96 S.Ct. 1375, 47 L.Ed.2d 668, (1976) ("In addressing [the elements of a cause of action under Section 10(b) and Rule 10b-5], we turn first to the language of § 10(b), for `[t]he starting point in every case involving construction of a statute is the language itself.'" (quoting Blue Chip Stamps v. Manor Drug Stores, 421 U.S. 723, 756, 95 S.Ct. 1917, 44 L.Ed.2d 539 (1975) (Powell, J., concurring))).
Section 10(b) of the Securities Exchange Act of 1934, ("Exchange Act") 48 Stat. 891, 15 U.S.C. § 78j, prohibits the use "in connection with the purchase or sale of any security . . . [of] any manipulative or deceptive device or contrivance in contravention of such rules and regulations as the Commission may prescribe."
Pursuant to Section 10(b), the SEC has promulgated Rule 10b-5, which provides in pertinent part:
"It shall be unlawful for any person, directly or indirectly, by the use of any means or instrumentality of interstate commerce, or of the mails or of any facility of any national securities exchange,
(a) To employ any device, scheme, or artifice to defraud,
(b) To make any untrue statement of a material fact or to omit to state a material fact necessary in order to make the statements made, in the light of the circumstances under which they were made, not misleading, or
(c) To engage in any act, practice, or course of business which operates or would operate as a fraud or deceit upon any person,
in connection with the purchase or sale of any security."17 CFR § 240.10b-5 (2007). The Rule was designed "to assure that dealing in securities is fair and without undue preferences or advantages among investors." H.R. Conf. Rep. No. 94-229, p. 91 (1975), U.S. Code Cong. Admin. News 1975, p. 323.
While the Rule is often described as a "catch-all anti-fraud provision," see, e.g., Herman MacLean v. Huddleston, 459 U.S. 375, 382, 103 S.Ct. 683, 74 L.Ed.2d 548 (1983), the Supreme Court has consistently affirmed that Rule 10b-5 is limited in scope by the language of § 10(b). See O'Hagan, 521 U.S. at 651, 117 S.Ct. 2199 ("Liability under Rule 10b-5, our precedent indicates, does not extend beyond conduct encompassed by § 10(b)'s prohibition"); see also Ernst Ernst v. Hochfelder, 425 U.S. 185, 214, 96 S.Ct. 1375, 47 L.Ed.2d 668 (1976) ("Thus, despite the broad view of the Rule advanced by the Commission in this case, its scope cannot exceed the power granted the Commission by Congress under § 10(b)."); Central Bank of Denver, 511 U.S. at 173, 114 S.Ct. 1439 ("With respect [to] . . . the scope of conduct prohibited by § 10(b), the text of the statute controls our decision.").
Therefore, violations of Rule 10b-5 require a showing of three essential elements: (1) a "device or contrivance"; (2) which is "manipulative or deceptive"; and (3) used "in connection with" the purchase or sale of securities.
(1) Device or Contrivance
The SEC has adequately shown that the alleged `hacking and trading' was a "device or contrivance" within the meaning of the statute. The Supreme Court has defined "device" in Ernst Ernst v. Hochfelder, 425 U.S. at 199, 96 S.Ct. 1375, by reference to Webster's International Dictionary (2d ed. 1934) as: "[t]hat which is devised or formed by design; a contrivance; an invention; project; scheme; often, a scheme to deceive; a strategem; an artifice." Dorozhko's alleged hacking would certainly amount to an artifice or scheme. It also evidences the required scienter. Id.
(2) "In Connection With"
The SEC has also adequately shown that the alleged scheme or artifice was "in connection with" the purchase or sale of securities. The relevant test to determine whether a device is used in connection with securities transactions is whether the device and the transactions "coincide." See Zandford, 535 U.S. at 822, 122 S.Ct. 1899 ("It is enough that the scheme to defraud and the sale of securities coincide.").
Here, Dorozhko's alleged hack, and the purchase of 630 put options in IMS Health occurred within approximately 30 to 35 minutes of each other. The hack and the subsequent purchases were clearly part of a single scheme, which was not complete until the securities transactions took place. See Zandford, 535 U.S. at 824-25, 122 S.Ct. 1899 (finding that a sale of securities and a deceptive device coincided, and therefore met the "in connection with" requirement in part because the embezzled securities "did not have value . . . apart from their use in a securities transaction and the fraud was not complete before the sale of securities occurred.").
Therefore, since the stolen information had no value apart from its use in a securities transaction, Dorozhko's alleged hack into the Thomson Financial computer network was part of a scheme that was "in connection with" the purchase or sale of securities.
(3) "Manipulative or Deceptive"
Finally, to find that the allegations amount to a violation of § 10(b), we must find that any alleged scheme was either "manipulative" or "deceptive" within the meaning of the statute. Santa Fe Indus. v. Green, 430 U.S. 462, 473, 97 S.Ct. 1292, 51 L.Ed.2d 480 (1977) ("[T]he language of Section 10(b) gives no indication that Congress meant to prohibit any conduct not involving manipulation or deception.").
a. "Manipulative"
To begin, Dorozhko's alleged actions were not "manipulative" within the meaning of the statute. The Supreme Court has defined "manipulative" very narrowly, rendering it clearly inapplicable to the facts alleged in this case, as even the SEC seems to admit. See Ernst Ernst v. Hochfelder, 425 U.S. at 199, 96 S.Ct. 1375 (1976) ("Use of the word `manipulative' is especially significant. It is and was virtually a term of art when used in connection with securities markets. It connotes intentional or willful conduct designed to deceive or defraud investors by controlling or artificially affecting the price of securities."). In Santa Fe Indus., the Court elaborated further, noting that "[manipulation] refers generally to practices such as wash sales, matched orders, or rigged prices that are intended to mislead investors by artificially affecting market activity." 430 U.S. at 476, 97 S.Ct. 1292.
In its Posthearing Memorandum of Law at 7, in quoting the relevant portions of § 10(b), the SEC does not even mention the term "manipulative" and instead replaces it with an ellipsis.
On the facts alleged here, Dorozhko did not engage in activities that affect the market the same way as washing sales, matching orders, or rigging prices. His alleged stealing and trading did not "control" or "artificially affect" market activity, it was market activity. Therefore the alleged scheme here was not "manipulative" as the term is used in § 10(b).
b. `Deceptive'
Thus, for the SEC to prevail, we must find that the alleged scheme was "deceptive" as that term is used in the statute.
The SEC posits that Dorozhko's alleged hack was "deceptive" for a number of reasons. First, the SEC argues that Dorozhko's alleged actions fit the common law definition of "deception," since Dorozhko allegedly "employ[ed] electronic means to trick, circumvent, or bypass computer security in order to gain unauthorized access to computer systems, networks, and information stored or communicated therein, and to steal such data." (Posthearing Memorandum of Law at 9) Second, the SEC attempts to define Dorozhko's alleged actions as "theft by deception," (under Model Penal Code § 223.3), which the Third Circuit has held involves "fraud or deceit." (Posthearing Memorandum of Law at 12) Third, the SEC cites several provisions of federal law that characterize computer hacking as "fraud," such as 18 U.S.C. § 1030(a)(4), and argues that if hacking is fraud under federal statute it must ipse dixit be "deceptive." (Posthearing Memorandum of Law at 9)
But the question of whether Dorozhko's alleged hack was "deceptive" is more problematic than the SEC acknowledges. As a review of case law infra will show, and as the Fifth Circuit has recently written, "the [Supreme] Court, in its other cases interpreting Section 10(b), has established that a device, such as a scheme, is not `deceptive' unless it involves breach of some duty of candid disclosure." Regents of University of California v. Credit Suisse First Boston (USA), Inc., 482 F.3d 372, 389 (5th Cir. 2007) (citing O'Hagan, 521 U.S. at 655, 117 S.Ct. 2199; Chiarella, 445 U.S. at 222, 100 S.Ct. 1108). See also Santa Fe Indus., 430 U.S. at 470, 97 S.Ct. 1292 (defining "deception" as proscribed in § 10(b) as the making of a material misrepresentation or the non-disclosure of material information in violation of a duty to disclose).
It is true that one Court in this district has recently used a dictionary — in fact the same Webster's 1934 dictionary that the Supreme Court used to define "device" in Ernst Ernst v. Hochfelder — in order to define "deceptive," In re Parmalat Securities Litigation, 376 F.Supp.2d 472, 502 (S.D.N.Y. 2005) (defining "deceptive" as "[t]ending to deceive; having power to mislead"). But Parmalat's approach has been scrutinized by the Fifth Circuit, which points out that reversion to a dictionary to define "deceptive" is precluded because the Supreme Court has "authoritatively construed" the word. Regents of University of California v. Credit Suisse, 482 F.3d 372, 389 (5th Cir. 2007) ("Although some of our securities cases have considered the common law where the Supreme Court has placed no gloss on the relevant terms . . . [it is] improper [] to substitute the authority of a dictionary for that of the Supreme Court.") The Fifth Circuit explicitly held that a common law or dictionary definition of "deceptive" was inappropriate because the Supreme Court has defined "deceptive" in Section 10(b) as necessarily involving the breach of a fiduciary or similar duty. Id. at 389.
While we are mindful that the antifraud provisions of the Exchange Act should be "construed not technically and restrictively, but flexibly to effectuate its remedial purposes," Affiliated Ute, 406 U.S. at 151, 92 S.Ct. 1456, we agree with the Fifth Circuit that the Supreme Court has thus far only used the term "deceptive" in conjunction with the breach of a fiduciary or similar duty of disclosure. Although the case law could very well have developed differently, see Chiarella, 445 U.S. at 246, 100 S.Ct. 1108 (Blackmun, J. dissenting), and there are respectable arguments that it should have developed differently, a breach of a fiduciary duty of disclosure is a required element of any "deceptive" device under § 10(b).
To understand the origin of this requirement, and the reasons therefor, we trace the historical development of insider trading law.
B. The Historical Development of the Law of Securities Fraud
In passing the Exchange Act, Congress sought to "insure honest securities markets and thereby promote investor confidence after the market crash of 1929." Zandford, 535 U.S. at 819, 122 S.Ct. 1899 (citations omitted). Congress sought "to substitute a philosophy of full disclosure for the philosophy of caveat emptor and thus to achieve a high standard of business ethics in the securities industry." Affiliated Ute, 406 U.S. at 151, 92 S.Ct. 1456 (citations omitted).
One major aim in federal regulation of securities has been to eliminate structural inequalities in access to information. Although some well-respected economists believe that insider trading is actually efficient and does not harm the market, see, e.g., Henry G. Manne, The Case for Insider Trading, Wall St. J., Mar. 17, 2003, at A14; see generally Richardo Bebczuk, Asymmetric Information in Financial Markets: Introduction and Applications (2003), this has never been Congress' view.
At the same time, it would be impracticable, as well as undesirable, to prohibit all informational disparities in the markets. Markets flourish on — and by definition require — informational disparities. Disparities can result from diligence and sound investment strategy. Thus, Congress has adamantly refused to adopt a fairnessbased system of regulation, (which might require traders to disclose all information they use to make trades), and courts have never attached liability under § 10(b) simply because someone traded on material nonpublic information. See, e.g., Chiarella, 445 U.S. at 228, 100 S.Ct. 1108 (reversing the conviction of a financial printer who traded on the basis of confidential information, and noting that "one who fails to disclose material information prior to the consummation of a transaction commits fraud only when he is under a duty to do so.").
The federal courts have struggled, and still do as this case shows, with how to draw a line between proper and improper informational disparities in the securities markets. See, e.g. Victor Brudney, Insiders, Outsiders and Informational Advantages Under the Federal Securities Laws, 93 Harv. L. Rev. 322, 343 (1979) ("[I]n the securities markets, as Congress has concluded, there is good reason to deny such [informational] advantages in many circumstances. Although criteria by which to determine who should be — and who should not be — denied those advantages and therefore be subject to the anti-fraud provisions are neither set forth expressly in the statute or regulations nor easy to develop.").
Some regulators and academics have vociferously lobbied for a fairness-based approach for years. See Brudney, Insiders, Outsiders, 93 Harv. L. Rev. at 360 (arguing for a general rule that insider trading law should "preclude exploitation of an informational advantage that the public is unable lawfully to overcome or offset"). Federal courts have not been deaf to their complaints. See O'Hagan, 521 U.S. at 658, 117 S.Ct. 2199 (citing Brudney's seminal article, and noting that "[a]lthough informational disparity is inevitable in the securities markets, investors likely would hesitate to venture their capital in a market where trading based on misappropriated nonpublic information is unchecked by law"). Nevertheless, federal courts have interpreted § 10(b) and Rule 10b-5 very methodically.
1. The Traditional Theory
The SEC took the first important step in the development of insider trading law under § 10(b) and Rule 10b-5 when it held that corporate insiders such as directors and officers owe a duty to all other market participants, such that insiders who seek to trade in their own company's shares must either disclose material nonpublic information in their possession, or abstain from trading (the "disclose or abstain" rule). See In the Matter of Cady, Roberts Co., 40 S.E.C. 907 (S.E.C. 1961).
In Cady, Roberts, the Commission recognized a relationship of trust and confidence between the shareholders of a corporation and those insiders who have obtained confidential information by reason of their position within that corporation. The Commission found that this relationship "gives rise to a duty to disclose, because of the necessity of preventing a corporate insider from . . . tak[ing] unfair advantage of the uninformed minority stockholders." Chiarella, 445 U.S. at 228-229, 100 S.Ct. 1108 (citations omitted).
Under this so-called "traditional theory," an insider's duty of disclosure extends to all "persons with whom the insider is engaging in securities transactions," United States v. Falcone, 257 F.3d 226, 229 (2d Cir. 2001), and thus the insider "breaches that duty when he or she engages in the securities transactions without disclosure." Id. The purchase or sale of securities itself amounts to a "deceptive" device that is "in connection with" the purchase or sale of securities because the transaction amounts to a breach of a duty. See also SEC v. Texas Gulf Sulphur Co., 401 F.2d 833, 848-49 (2d Cir. 1968).
The Supreme Court has since extended the traditional theory, and found that § 10(b) is violated not just when corporate insiders trade on the basis on material nonpublic information, but also when a corporate insider gives a "tip" ( e.g. to a friend or family member) for the purpose of having the outsider trade, and the outsider so trades. See Dirks v. SEC, 463 U.S. 646, 660, 103 S.Ct. 3255, 77 L.Ed.2d 911 (1983). The Supreme Court emphasized that tippees assume the disclose or abstain duty to other market participants from their tippers: "[A] tippee assumes a fiduciary duty to the shareholders of a corporation not to trade on material nonpublic information only when the insider has breached his fiduciary duty to the shareholders by disclosing the information to the tippee and the tippee knows or should know that there has been a breach." Id. The Dirks Court was explicit that tippee liability rested on the tippee's breach of a fiduciary duty that culminates when the securities transaction is executed, and that there is no general duty of disclosure between all those who invest in the stock market. Id. at 657-68, 103 S.Ct. 3255.
2. The Misappropriation Theory
As securities markets grew increasingly complex, it became clear that deterring corporate insiders and their tippees was insufficient to prevent abuses of structural disparities in information. For non-insiders such as lawyers, bankers, journalists, or financial printers often obtain access to material non-public information which gives them a structural, unfair advantage in the marketplace.
However, instead of adopting a fairnessbased system, after some uncertainty in the 1970s and 1980s, the Supreme Court in O'Hagan finally adopted the "misappropriation theory" of liability under § 10(b) and Rule 10b-5. The misappropriation theory holds that § 10(b) may be violated by persons who do not owe a fiduciary duty to other market participants, but nevertheless do owe a fiduciary or similar duty to the source of their information. See, e.g., O'Hagan, 521 U.S. at 653, 117 S.Ct. 2199.
The path whereby the Supreme Court, and various Courts of Appeals, developed the misappropriation theory instead of a fairness-based system is particularly relevant here.
a. Chiarella
The first time the misappropriation theory was briefed in the Supreme Court was in Chiarella v. United States, 445 U.S. 222, 100 S.Ct. 1108, 63 L.Ed.2d 348 (1980). The case concerned an employee, Chiarella, of a financial printer, who obtained material non-public information of imminent takeover bids while at his job, and then used the information to buy shares in the target corporations, resulting in significantly profitable trades. Chiarella was convicted of a Rule 10b-5 violation and the conviction was affirmed on appeal. The Supreme Court, however, reversed. The Supreme Court held that use of material nonpublic information to trade is not itself a violation of § 10(b), and since Chiarella was not himself a corporate insider, nor a fiduciary of those he purchased stock from, he was under no duty to other market participants to disclose his informational advantage to them. Chiarella, 445 U.S. at 232-233, 100 S.Ct. 1108.
The Court held that, "a purchaser of stock who has no duty to a prospective seller because he is neither an insider nor a fiduciary has been held to have no obligation to reveal material facts. . . . A duty to disclose under § 10(b) does not arise from the mere possession of nonpublic market information." Id. at 235, 100 S.Ct. 1108.
In its brief to the Court, the government offered an alternative theory to uphold Chiarella's conviction, namely the misappropriation theory. Under the misappropriation theory, the government argued, an outsider's breach of a duty to the source of his or her information replaces or substitutes for the breach of a duty owed to the market participant under the traditional theory. As given canonical formulation later in O'Hagan:
The `misappropriation theory' holds that a person commits fraud "in connection with" a securities transaction, and there-by violates § 10(b) and Rule 10b-5, when he misappropriates confidential information for securities trading purposes, in breach of a duty owed to the source of the information. Under this theory, a fiduciary's undisclosed, selfserving use of a principal's information to purchase or sell securities, in breach of a duty of loyalty and confidentiality, defrauds the principal of the exclusive use of the information. In lieu of premising liability on a fiduciary relationship between company insider and purchaser or seller of the company's stock, the misappropriation theory premises liability on a fiduciary-turned-trader's deception of those who entrusted him with access to confidential information.O'Hagan, 521 U.S. at 653, 117 S.Ct. 2199. Thus, the government argued, Chiarella's breach of a duty to his employer, the financial printer, should give rise to a duty to that employer to disclose his intent to trade or abstain from trading. Under the theory, the source of the nonpublic information need not be a purchaser or seller of securities, or even be in any way connected to or even interested in the purchase or sale of securities.
The majority in Chiarella refused to consider this theory because it had not been submitted to the jury. Chiarella, 445 U.S. at 235-36, 100 S.Ct. 1108. However, Justice Burger wrote separately in dissent to argue that something akin to a misappropriation theory was in fact presented to the jury, and could be used to support Chiarella's conviction.
Also in dissent, Justice Blackmun, writing for himself and Justice Marshall, argued that no breach of fiduciary duty should be required to uphold a conviction under § 10(b) and Rule 10b-5. Justice Blackmun adopted the thesis of Professor Brudney's article, Insiders, Outsiders, that the antifraud provisions of the securities laws swept more broadly, and covered any structural advantage in information that was wrongly obtained. Justice Blackmun proposed a rule whereby: "[P]ersons having access to confidential material information that is not legally available to others generally are prohibited . . . from engaging in schemes to exploit their structural informational advantage through trading in affected securities." 445 U.S. at 251, 100 S.Ct. 1108.
Under Justice Blackmun's view, no breach of fiduciary duty would be required as a predicate to a finding of liability under § 10(b):
[I]n my view, it is unnecessary to rest petitioner's conviction on a `misappropriation' theory. The fact that petitioner Chiarella purloined, or, to use the Chief Justice's word, `stole,' information concerning pending tender offers certainly is the most dramatic evidence that petitioner was guilty of fraud. . . . I do not agree that a failure to disclose violates the Rule only when the responsibilities of a relationship of that kind have been breached.Id. at 246, 251, 100 S.Ct. 1108 (Blackmun, J. dissenting). Justice Blackmun based his reading of the statute on its legislative history, and its general antifraud purpose.
In the instant case, the SEC is essentially seeking to revive Justice Blackmun's dissent, and assert that because Dorozhko allegedly "stole" inside information, and traded on it, his alleged actions must amount to securities fraud. But Professor Brudney's and Justice Blackmun's view was not adopted in Chiarella, nor thereafter.
b. O'Haqan
After Chiarella, the circuits split as to the validity of the misappropriation theory. The Supreme Court eventually granted certiorari in United States v. O'Hagan, 521 U.S. 642, 117 S.Ct. 2199, 138 L.Ed.2d 724 (1997), to resolve the conflict.
The Second Circuit became the first to adopt the misappropriation theory, in United States v. Chestman, 947 F.2d 551, 556-67 (2d Cir. 1991) (en banc). The Seventh Circuit and Ninth Circuit followed the Second in adopting the theory, SEC v. Cherif, 933 F.2d 403, 408 (7th Cir. 1991), cert. denied, 502 U.S. 1071, 112 S.Ct. 966, 117 L.Ed.2d 131 (1992); SEC v. Clark, 915 F.2d 439 (9th Cir. 1990); but the Fourth Circuit declined to do so, United States v. Bryan, 58 F.3d 933, 945 (4th Cir. 1995), as did the Eighth Circuit in United States v. O'Hagan, 92 F.3d 612 (8th Cir. 1996).
James O'Hagan was a lawyer at a firm in Minneapolis, Minnesota that represented a potential acquirer in a tender offer. O'Hagan acquired access to material nonpublic information, and then purchased call options in the target's stock before the deal was announced. O'Hagan was convicted under Rule 10b-5, but the Eighth Circuit reversed his conviction on the grounds that O'Hagan was not an insider of the target corporation, and therefore owed no duty to other market participants to disclose or abstain. United States v. O'Hagan, 92 F.3d 612, 622 (1996). The Eighth Circuit reasoned, contrary to previous decisions by the Second and Seventh Circuits, that a breach of a fiduciary duty to the source of information was not sufficiently "in connection with" the purchase or sale of securities as required by the language of § 10(b).
The Supreme Court reversed the Eighth Circuit, agreeing with the Second Circuit's decision in Chestman that a breach of a duty to the source of information was sufficiently "in connection with" a securities transaction so as to give rise to a duty to disclose or abstain. O'Hagan, 521 U.S. at 652, 117 S.Ct. 2199 ("In lieu of premising liability on a fiduciary relationship between company insider and purchaser or seller of the company's stock, the misappropriation theory premises liability on a fiduciaryturned-trader's deception of those who entrusted him with access to confidential information.").
The O'Hagan decision underscored that the misappropriation theory was premised on the same "disclose or abstain" rationale as the traditional theory. But, under the misappropriation theory, a trader's duty to disclose or abstain ran not to market participants but rather to the source of the confidential information. The Court specified that if a tippee disclosed his intention to trade to the source of his or her information, the tippee was absolved of liability under Rule 10b-5: "[I]f the fiduciary discloses to the source that he plans to trade on the nonpublic information, there is no `deceptive device' and thus no § 10(b) violation — although the fiduciary-turned-trader may remain liable under state law for breach of a duty of loyalty." 521 U.S. at 655, 117 S.Ct. 2199.
Thus, O'Hagan thereby explicitly acknowledged that Rule 10b-5 was not the sole regulatory weapon to use in combating illicit informational disparities in the markets. Indeed, Justice Ginsburg suggested not only once but twice that a state law cause of action, under a duty of loyalty theory, was the appropriate way to police a situation where a misappropriator discloses to the source of the information that he or she is going to trade. 521 U.S. at 655, 659 n. 9, 117 S.Ct. 2199. In footnote nine of the opinion, Justice Ginsburg explicitly acknowledged that a trade executed by a misappropriator who discloses to his or her source is just as unfair, in relation to other traders in the market, as a trade executed by a misappropriator who does not disclose to his or her source, but only the latter results in liability under § 10(b). Justice Ginsburg wrote: "As noted earlier, however, the textual requirement of deception precludes § 10(b) liability when a person trading on the basis of nonpublic information has disclosed his trading plans to, or obtained authorization from, the principal — even though such conduct may affect the securities markets in the same manner as the conduct reached by the misappropriation theory." 521 U.S. at 659 n. 9, 117 S.Ct. 2199. Justice Ginsburg's analysis underscores the idea that § 10(b) does not reach all structural disparities in information that result in securities transactions, only those disparities obtained by dint of a breach of fiduciary duty of disclosure.
The O'Hagan decision adopted a further limitation on the reach of § 10(b) liability when it recognized that certain frauds in connection with the purchase or sale of securities, such as embezzling money and then using that money to buy securities, would not amount to violations of § 10(b). The Court responded to an argument that the government had made in its brief:
The Government notes another limitation on the forms of fraud § 10(b) reaches: "The misappropriation theory would not . . . apply to a case in which a person defrauded a bank into giving him a loan or embezzled cash from another, and then used the proceeds of the misdeed to purchase securities." Brief for United States 24, n. 13. In such a case, the Government states, "the proceeds would have value to the malefactor apart from their use in a securities transaction, and the fraud would be complete as soon as the money was obtained." Ibid.
While the Court later elaborated on this passage in Zandford, see discussion infra, the passage bears mention here as it underscores the point that § 10(b) has always had certain lacunae that render it less than a blanket prohibition on illicit schemes that somehow involve securities transactions. Indeed, this passage builds on a long history of similar passages in Supreme Court opinions that have acknowledged the gaps in § 10(b)'s coverage. See Marine Bank v. Weaver, 455 U.S. 551, 556, 102 S.Ct. 1220, 71 L.Ed.2d 409 (1982) ("Congress, in enacting the securities laws, did not intend to provide a broad federal remedy for all fraud"); Chiarella, 445 U.S. at 229, 235, 100 S.Ct. 1108 ("[A] duty to disclose under § 10(b) does not arise from the mere possession of nonpublic market information."); Zandford, 535 U.S. at 820, 122 S.Ct. 1899 ("[Section 10(b)] must not be construed so broadly as to convert every common-law fraud that happens to involve securities into a violation of § 10(b).").
Thus, the O'Hagan Court hewed to the traditional theory of insider trading in as much as it premised a violation of § 10(b) and Rule 10b-5 on a breach the duty to disclose or abstain. The Court certainly could have, but did not, adopt the more expansive view of Rule 10b-5 articulated by Justice Blackmun's dissent in Chiarella, or in Brudney's article, which had proposed "preclud[ing] exploitation of an[y] informational advantage that the public is unable lawfully to overcome or offset." Brudney, Insiders, Outsiders, 93 Harv. L. Rev. at 360. Notably, the O'Hagan decision cited Brudney's article, 521 U.S. at 659, 117 S.Ct. 2199, but explicitly did not adopt its reasoning.
Thus, in this case, it appears that Dorozhko is not liable under either the traditional or misappropriation theories of insider trading since there has been no evidence presented that he is anything other than a true outsider, who owed no duties of disclosure to either other market participants or to the source of his information.
In its Posthearing Memorandum of Law, at 16, the SEC argues that even if Dorozhko were a true outsider, he may nevertheless have breached a duty of candid disclosure because he became a "trustee ex maleficio" and was thereby required to hold the proceeds of his misappropriation in constructive trust for the benefit of the innocent owner. See Donald C. Langevoort, 18 Insider Trading Regulation, Enforcement, and Prevention, § 6:14 at n. 5 (Apr. 2007) (internal citations omitted). This theory bends the concept of fiduciary duty too far. Even beyond the awkwardness of applying fiduciary duties to pure thieves, in effect this theory would resurrect Justice Blackmun's dissent in Chiarella because it would extend § 10(b) liability to any situation wherein information was wrongly obtained. Moreover, at least in the bankruptcy context, ( 11 U.S.C § 523(a)(4) (denying a discharge for any debt acquired through "fraud or defalcation while acting in a fiduciary capacity")), the Supreme Court has squarely rejected the argument that torts give rise to fiduciary duties: "It is not enough that, by the very act of wrongdoing out of which the contested debt arose, the bankrupt has become chargeable as a trustee ex maleficio. He must have been a trustee before the wrong and without reference thereto." Davis v. Aetna Acceptance Co., 293 U.S. 328, 333, 55 S.Ct. 151, 79 L.Ed. 393 (1934).
3. Beyond the Traditional and Misappropriation Theories?
Recognizing that it appears that Dorozhko did not breach any fiduciary or similar duties to "disclose or abstain" from trading on insider information, the SEC argues that Rule 10b-5 is not limited by the "disclose or abstain" rationale at play in the traditional and misappropriation theories of insider trading. Rather, the SEC argues that any fraudulent scheme that contains the requisite nexus to a securities transaction constitutes securities fraud. In other words, it is not Dorozhko's alleged trades themselves that work a deception, but rather Dorozhko's scheme taken as a whole. For support for this proposition, the SEC cites repeatedly to the plain meaning of § 10(b) and Rule 10b-5, Congressional intent, and the Supreme Court's recent decision in S.E.C. v. Zandford, 535 U.S. 813, 122 S.Ct. 1899, 153 L.Ed.2d 1 (2002).While the SEC is correct that Zandford stands for the proposition that Dorozhko's alleged `hacking and trading' was a "scheme" that was perpetrated "in connection with" the purchase or sale of securities, Zandford does not support the argument that such a scheme was "deceptive" within the meaning of the statute. In fact, Zandford suggests the exact opposite, and reaffirms both the traditional and misappropriation theories of insider trading insofar as they require a breach of fiduciary duty of disclosure as the basis for liability under § 10(b).
a. Zandford
Charles Zandford was a securities broker who managed a discretionary brokerage account on behalf of an elderly client named William Wood. Over the course of four years, Zandford sold all the securities in Wood's account, and wire transferred the proceeds to his own account. Zandford, 535 U.S. at 815-16, 122 S.Ct. 1899. Zandford was indicted, and ultimately convicted on thirteen counts of wire fraud ( 18 U.S.C. § 1343).
After the conviction, the SEC filed a civil complaint against Zandford alleging, inter alia, a violation of § 10(b) and Rule 10b-5. Id. Over Zandford's objection, the district court entered partial summary judgment for the SEC, on the ground that Zandford was estopped from contesting facts that established a violation of § 10(b). The Fourth Circuit, however, reversed the district court and ordered that the case be dismissed because the complaint did not allege a scheme to defraud that was "in connection with" the purchase or sale of securities. Id. at 816-17, 122 S.Ct. 1899. The Fourth Circuit held that Zandford's actions were akin to pure theft from Wood, and the fact that his theft was accomplished by means of selling securities and pocketing the money did not give the SEC jurisdiction. SEC v. Zandford, 238 F.3d 559, 562 (4th Cir. 2001).
The Supreme Court granted certiorari to resolve the question of whether the complaint against Zandford alleged a scheme that was "in connection with" the purchase or sale of a security. Zandford, 535 U.S. at 815, 122 S.Ct. 1899. The Supreme Court answered in the affirmative, reversing the Fourth Circuit. The Court held that Zandford's sale of securities was an integral part of his scheme to defraud Wood, and was accomplished in such a way that the sale of securities and the subsequent wire transfers "coincided." Therefore, Zandford's scheme to defraud was "in connection with" the purchase or sale of securities. Id. at 825, 122 S.Ct. 1899.
In essence, the Fourth Circuit had perceived two separate events, Zandford's sale of securities, which was permitted under the express terms of the discretionary brokerage account, and then a subsequent wire transfer out of the client's discretionary account and into Zandford's own account, which was illegal but did not amount to securities fraud and had no discernable effect on the securities market. The Fourth Circuit relied heavily on the passage, quoted above, from the government's argument in O'Hagan, in which the government and the Court suggested that "[t]he misappropriation theory would not . . . apply to a case in which a person defrauded a bank into giving him a loan or embezzled cash from another, and then used the proceeds of the misdeed to purchase securities," because in that situation "the proceeds would have value to the malefactor apart from their use in a securities transaction, and the fraud would be complete as soon as the money was obtained." O'Hagan 521 U.S. at 656, 117 S.Ct. 2199. Justice Stevens, writing for a unanimous Court in Zandford, held that this passage did not bar the application of § 10(b) to Zandford's trades because the fraud consisted of a scheme that was not complete until Zandford had transferred the proceeds to his own account: "Even if this passage could be read to introduce a new requirement into § 10(b), it would not affect our analysis of this case, because the Wood[] securities did not have value for respondent apart from their use in a securities transaction and the fraud was not complete before the sale of securities occurred." 535 U.S. at 824, 122 S.Ct. 1899.
Therefore, with respect to this case, Zandford stands for the proposition that Dorozhko's alleged scheme was "in connection with" the purchase or sale of securities, since the hack into Thomson Financial's computer network and the trades "coincided," and the information that Dorozhko allegedly gleaned from hacking did not have value apart from its use in securities transactions.
However, Zandford does not stand for the proposition that Dorozhko's alleged scheme was "deceptive" within the terms of the statute. In fact, if anything, Zandford lends support to the notion that the alleged hack was not "deceptive." The Court in Zandford reiterated numerous times that Zandford's § 10(b) violation was predicated on his breach of a fiduciary duty owed to Wood: "[T]he SEC complaint describes a fraudulent scheme in which the securities transactions and breaches of fiduciary duty coincide. Those breaches were therefore `in connection with' securities sales within the meaning of Section 10(b)." 535 U.S. at 825, 122 S.Ct. 1899. Even though Zandford had already been criminally convicted in relation to the theft, Justice Stevens's opinion emphasized that it was Zandford's breach of a duty to his client to disclose in connection with the sale of securities, and not his crimes or other deplorable behavior in connection with the sale of securities, that gave rise to liability under § 10(b).
Justice Stevens' opinion explicitly acknowledged that Zandford would not be liable under § 10(b) if he had disclosed to Wood that he was planning to steal his money. In a footnote at the end of the opinion, Justice Stevens wrote: "[I]f the broker told his client he was stealing the client's assets, that breach of fiduciary duty might be in connection with a sale of securities, but it would not involve a deceptive device or fraud." 535 U.S. at 824, 122 S.Ct. 1899 (citing Santa Fe Indus., 430 U.S. at 474-476, 97 S.Ct. 1292). Crucially, the logic in this footnote suggests that the Court is still operating under the "disclose or abstain" paradigm, and that Zandford was under a duty to disclose or abstain in relation to his selling of his client's securities because he owed his client a fiduciary duty. The footnote clearly sets forth that if Zandford had in fact disclosed to Wood his intent to steal Wood's securities, i.e. fulfilled his fiduciary obligation to disclose or abstain, then Zandford would not be liable under § 10(b) even though he had in fact committed a crime in connection with the purchase or sale of securities, a crime he had already been convicted of. Therefore, even given parallel coinciding criminal conduct that amounts to wire fraud under federal statutes, the logic in Justice Stevens's footnote suggests that there can be no "deception," and therefore no liability under § 10(b), absent the existence and breach of a fiduciary duty.
Thus, as this review of case law makes clear, whether the SEC is relying on the traditional or misappropriation theories of insider trading, or a separate scheme theory as pursued in Zandford, it cannot establish a violation of § 10(b) absent a breach of a fiduciary duty to disclose or abstain. Chiarella initially established that trading in securities simply while in possession of material nonpublic information was not itself a violation of § 10(b) absent a duty to abstain or disclose. 445 U.S. at 228, 100 S.Ct. 1108. Since then, the Supreme Court has in a number of opinions carefully established that the essential component of a § 10(b) violation is a breach of a fiduciary duty to disclose or abstain that coincides with a securities transaction. The Supreme Court could have taken a more sweeping position in O'Hagan and adopted Brudney's thesis so as to preclude all trading on the basis of information that is not legally obtainable by all others. But instead the Supreme Court deliberately chose to premise a § 10(b) violation on a transferred breach of duty owed to the source of information. The Supreme Court had a similar opportunity in Zandford when confronted with a criminal scheme to defraud that involved the sale of securities. The Court did not simply hold that Zandford's scheme itself was "deceptive," but observed that the scheme would not be deceptive if it were disclosed to Zandford's client. Therefore it was not the illegality of Zandford's actions, but rather the non-disclosure to his client, that gave rise to § 10(b) liability.
Finally, we examine what existing authority there is on the exact question presented here: whether those who steal material nonpublic information and trade on it violate § 10(b).
C. Theft of Information and the Securities Laws
Although a coherent system of insider trading regulation could cover `stealing and trading' or `hacking and trading,' as far as this Court is aware, no federal court has ever held that those who steal material nonpublic information and then trade on it violate § 10(b).
Even by itself, this lack of any case law supporting the SEC position is noteworthy. The Exchange Act was enacted over seventy-four years ago, and parallel situations have no doubt arisen in that time span. While the SEC attempts to paint hacking as a new challenge for the securities laws, traditional theft ( e.g. breaking into an investment bank and stealing documents) is hardly a new phenomenon, and involves similar elements for purposes of our analysis here. Both hacking and traditional theft may involve "deception" in the common law sense of unauthorized access, whether by using fake ID cards or spoofed internet protocols, but typically do not involve deception in the sense of breaching a duty of disclosure.
The SEC acknowledges this lack of precedent but nevertheless cites to two cases in this District that have granted preliminary injunctions on facts similar to those here, SEC v. Lohmus, Haavel Viisemann, et al., No. 05 CV 9259(RWS), 2005 WL 3309748 (S.D.N.Y. Nov. 1, 2005), and SEC v. Blue Bottle Ltd., No. 07 CV 1380(CSH), 2007 WL 580798 (S.D.N.Y. Feb. 26, 2007). These cases are hardly convincing support, as Lohmus settled, and Blue Bottle concluded by default judgment. Neither case produced an opinion analyzing the relevant case law, or why the theft of material nonpublic information amounted to a deceptive device in contravention of the statute.
On the other side of the ledger, there is significant authority, contained in dicta in two Court of Appeals opinions and in a number of law review articles, to suggest that thieves of material nonpublic information do not violate § 10(b) or Rule 10b-5 when they trade on the basis of that information.
1. SEC v. Cherif
Danny Cherif was a former employee of First Chicago, an investment bank. SEC v. Cherif, 933 F.2d 403, 411 (7th Cir. 1991). After Cherif was fired by First Chicago, he secretly kept his key card, and broke into the bank's offices on a number of occasions to steal information on pending corporate transactions. He then traded on the basis of that information and reaped a profit. Cherif was convicted in the district court under the misappropriation theory, but argued to the Seventh Circuit that he was a "mere thief" who owed no duty to anyone, and therefore could not be held liable under § 10(b) and Rule 10b-5. The Seventh Circuit described Cherif's argument that he was a "mere thief," as "[t]he only possible barrier to application of the misappropriation theory." 933 F.2d at 411.
Rather than address the "mere thief" question head on, the Seventh Circuit sustained Cherif's conviction on the ground that Cherif was a former employee of First Chicago, and an employee's duty to a former employer is not extinguished upon termination. The Seventh Circuit held that, "Cherif breached a continuing duty to his former employer when he used the key card and specific, confidential knowledge he had learned about First Chicago as an employee to break into the bank immediately after termination and steal inside information about upcoming transactions." Id. Therefore, according to the Seventh Circuit, "Cherif betrayed a trust in a way that a mere thief does not." Id. at 412.
Here, the SEC argues that Cherif is inapposite because the Seventh Circuit did not decide the question of whether mere thieves violate § 10(b). The SEC writes that " Cherif had facts somewhat similar to those in the case at bar, but, because of a prior employment relationship, the Seventh Circuit ruled on liability based on misappropriation analysis." (Posthearing Memorandum of Law at 15 n. 7.) The SEC is technically correct, but misses the point that the Seventh Circuit appears to have gone well out of its way to avoid the question of "mere thieves." Had Cherif's violation of § 10(b) been as simple and direct as the SEC argues that Dorozhko's was, the Seventh Circuit would not have needed to use the misappropriation analysis. It is important to remember that at the time the Seventh Circuit ruled in Cherif, the misappropriation theory itself was controversial, and would in fact later be disapproved of by both the Eighth Circuit ( O'Hagan, 92 F.3d at 622) and the Fourth Circuit ( United States v. Bryan, 58 F.3d 933 (4th Cir. 1995)). The Seventh Circuit's decision to rest liability on the misappropriation theory and Cherif's former employment was by no means a simple case of a court relying on a well-established legal principle. Adopting the arguments that the SEC now proposes would have been far easier, if the SEC's approach had greater viability.
2. United States v. Bryan
Another Court of Appeals case, United States v. Bryan, 58 F.3d 933 (4th Cir. 1995) (Luttig, J.), has suggested even more forcefully that mere thieves do not violate § 10(b) and Rule 10b-5 by trading on stolen information. The defendant, Elton Bryan, was a former director of the West Virginia Lottery who used confidential information about forthcoming contracts to purchase shares in companies that did business with the West Virginia Lottery. Bryan was convicted of securities fraud on a misappropriation theory in the district court, but the Fourth Circuit reversed. The case pre-dated O'Hagan and the Fourth Circuit reversed the district court because it refused to adopt the misappropriation theory. In his opinion for the court, Judge Luttig refused to adopt the misappropriation theory in part because the theory, he predicted, would lead future courts to expand and eventually abandon the concept of fiduciary duty that lay at the heart of § 10(b). According to Judge Luttig, courts using the misappropriation theory had already stretched the concept of fiduciary duty to find such duties between employers and employees, newspapers and reporters, and psychiatrists and patients. Eventually, he predicted, courts would be forced to abandon the requirement of a fiduciary duty all together, and hold that mere thieves violated the misappropriation theory, even though the entire construct of insider trading regulation was grounded in the concept of breach of duty. Judge Luttig wrote:
[W]hile the courts adopting the misappropriation theory incant that the breach of a fiduciary relationship is a necessary element of the offense, in principle, if not in reality, these courts would be obliged to find liability in the case of simple theft by an employee, even where no fiduciary duty has been breached, for the raison d'etre of the misappropriation theory in fact is concern over `the unfairness inherent in trading on [stolen] information.'58 F.3d at 951 (citations omitted). Judge Luttig's words were prescient. As we acknowledged at the outset, there is tension in the instant case between the "unfairness inherent in the transaction," and the existing law that bases securities, fraud violations on breaches of fiduciary duties. But in overturning Bryan, and adopting the misappropriation theory in O'Hagan, the Supreme Court did not abandon the fiduciary requirement, nor can we here.
3. Scholarly Articles
Unable to find support in existing case law, the SEC turns to academic writings for authority. The SEC notes that, "While no case has addressed it, at least two academics has [sic] endorsed the theory that a hacker who steals material nonpublic information for the purpose of trading on it, violates Exchange Act § 10(b) and Rule 10b-5." The SEC then cites Robert A. Prentice, The Internet and Its Challenges for the Future of Insider Trading Regulation, 12 Harv. J.L. Tech, 263, 296-307 (Winter 1999), and Donald C. Langevoort, 18 Insider Trading Regulation, Enforcement and Prevention § 6:14 (Apr. 2007).
While these articles, among others, proclaim that those who `hack and trade' should be liable under § 10(b), the clear majority of scholarly opinion is that, under existing law, `hacking and trading' is not a violation of § 10(b). Professor Prentice's article is indicative. Professor Prentice's article contains a section entitled "Hackers as Misappropriators," which makes a strong policy argument for why those who hack should be liable under 10b-5. The section, however, begins by acknowledging that under the current state of the law hackers are not liable. Prentice asks rhetorically, "Hackers who steal inside information and trade on it are essentially thieves. But are they also liable as inside traders? The answer to this question from a traditional point of view is `no.'" 12 Harv. J.L. Tech. at 296. Prentice's argument as to liability for hackers, it turns out paragraphs later, stems not from precedent or a close reading of the statute, but from his own conviction as to what the law should be: "I find uncomfortable the received wisdom that someone who obtains inside information via hacking, physical breaking and entering, bribery, extortion, espionage, or similar means is not liable for insider trading." Id. at 298.
Similarly, a couple of recent law review articles suggest that hackers should be, but are currently not liable under § 10(b) for `hacking and trading.' For example, Kathleen Coles writes in The Dilemma of the Remote Tippee, 41 Gonz. L. Rev. 181, 221 (2005-2006):
"[A] computer hacker who breaches the computer security walls of a large publicly held corporation and extracts nonpublic information may also trade and tip without running afoul of the insider trading rules. The burglar and computer hacker may be liable for the conversion of nonpublic information under other laws, but the insider trading laws themselves appear not to prohibit the burglar or hacker from trading or tipping on the basis of the stolen information. This is because there was no breach of a duty of loyalty to traders under the classic theory or to the source of the information under the misappropriation theory."
41 Gonz. L. Rev at 221.
Also, Donna M. Nagy writes, in Reframing the Misappropriation Theory of Insider Trading Liability: A Post-O'Hagan Suggestion, 59 Ohio St. L.J. 1223, 1249-57 (1998): "[I]t is doubtful that securities trading by the computer hacker or the `mere' thief would violate Section 10(b) and Rule 10b-5, because neither scenario would involve misappropriation through acts that would constitute affirmative deception." 59 Ohio St. L.J. at 1255. Nagy is "troubled" by this, and argues that the current "restrictive" misappropriation theory, "will frustrate the prosecution of future cases involving trading on misappropriated information." Id. at 1227. She illustrates with an example of a "computer hacker who unlawfully gains access to a corporation's internal network and subsequently manages to uncover confidential information." Id. at 1253. She notes that, "Because the computer hacker was not entrusted with such access, Section 10(b) and Rule 10b-5 would not be violated under O'Hagan's theory, even though the computer hacker would be trading securities on the basis of material, nonpublic information that had been misappropriated." Id. To repair the lacuna, Nagy goes on to suggest a new version of the misappropriation theory, that is "premised on the `fraud on the investors.'" She believes her fraud on the investors approach "is far superior to the `fraud on the source' version [of the misappropriation theory]."
D. Congressional Intent and Public Policy
In the end, the SEC's strongest arguments as to why Dorozhko's alleged `hacking and trading' violates § 10(b) stem from Congressional intent and public policy. After all, thieves who trade on inside information affect markets the same inequitable way as corporate insiders or tippees who trade on inside information.
Congress has consistently reiterated that the goal of fair and open markets undergirds our securities laws. As stated by the Senate Committee on Banking and Currency in enacting the Exchange Act:
The concept of a free and open market for securities transactions necessarily implies that the buyer and seller are acting in the exercise of enlightened judgment as to what constitutes a fair price. Insofar as the judgment is warped by false, inaccurate, or incomplete information regarding the corporation, the market price fails to reflect the normal operations of supply and demand.
S.Rep. No. 792, 73rd Cong., 2d Sess., 3 (1934). The focus here is less on the reason why unfair informational disparities arise than on ensuring that they do not exist at all. Indeed, the House Report on the Insider Trading Sanctions Act of 1984, (which provided a treble damages remedy for enforcement by the SEC of insider trading violations) favorably cited Brudney's article, discussed supra, noting: "The abuse of informational advantages that other investors cannot hope to overcome through their own efforts is unfair and inconsistent with the investing public's legitimate expectation of honest and fair securities markets where all participants play by the same rules." H.R. Rep. No. 98-355, 98th Cong., 1st Sess. 3, 4 (1983) reprinted in 1984 U.S. Code Cong. Admin. News 2274, 2278.
There is also evidence that Congress left the language of § 10(b) vague in part so as to empower the SEC to pursue new types of fraud and deception in connection with securities transactions. See, e.g., Hearings on H.R. 7852 and H.R. 8720 before the House Committee on Interstate and Foreign Commerce, 73d Cong., 2d Sess., 115 (1934) ("Of course [§ 10(b)] is a catch-all clause to prevent manipulative devices. I do not think there is any objection to that kind of clause. The Commission should have the authority to deal with new manipulative devices.").
Yet, there are policy considerations that weigh, if not as heavily at least with substantial force, against discarding the fiduciary requirement and/or extending the SEC's jurisdiction to cover `hacking and trading.' As discussed above, in regulating insider trading, at the margins it becomes difficult to distinguish information that is properly obtained from that which is improperly obtained. The fiduciary requirement serves as an important delineation, a kind of shorthand that courts, market participants, and regulators may use to make the distinction. The presence of a fiduciary relationship ensures that the traded on information is that available only to insiders. Without the fiduciary requirement, the question of when market participants may trade on informational disparities becomes much more difficult.
Further, while it is conceivable that the language of § 10(b) requiring "deceptive" acts could be expanded to encompass not only breaches of fiduciary duties in connection with a purchase or sale of securities but also criminal violations in connection with the purchase or sale of securities, such an expansion would erode the fundamental difference between civil and criminal jurisdiction. The SEC is a civil regulatory body entrusted with overseeing our nation's securities markets. The SEC traditionally does not enforce the criminal law. Indeed, the same House Report quoted supra, notes that "[C]onversion for personal gain of information lawfully obtained abuses relationships of trust and confidence and is no less reprehensible than the outright theft of nonpublic information." This quotation implicitly recognizes that insider trading and theft are different, but the Report contains no suggestion that the SEC's jurisdiction should be expanded to include the latter.
Conclusion
As the only evidence that the SEC has presented in this case supports the theory that Dorozhko traded on inside information he had stolen by hacking into Thomson Financial's website, the SEC has not shown a likelihood of succeeding on the merits of its claim of a violation of § 10(b). Accordingly, the SEC's motion for a preliminary injunction is denied.
However, given the SEC's special position as statutory guardian, the fact that Dorozhko has invoked his right to not testify, which can give rise to an inference against him in a civil proceeding, and the likelihood of irreparable harm should the temporary restraining order be lifted at this juncture, we hereby stay the effect of our order, and keep the temporary restraining order in effect until January 14, 2008 to allow the SEC to seek a stay pending appeal from the Court of Appeals pursuant to Fed.R.App.P. 8(a)(2).
Defendant Dorozhko's motion to dismiss the complaint is also denied at this time. In its complaint, the SEC adequately pled a well-accepted theory of a violation of § 10(b) — that Dorozhko received a tip from a corporate insider ( See Complaint ¶ 3) — and the SEC should be permitted to conduct discovery to determine if it can factually support this theory of the case.
In this regard, we note that it will not be sufficient for the SEC to rely solely on the defendant's invocation of a Fifth Amendment privilege.
SO ORDERED.