Photocopiers – A Recurring Data Security Risk

DrinkerBiddle

In a case that illustrates the data privacy risks associated with modern copiers, the United States Department of Health and Human Resources (HHS) has announced a $1,215,780 settlement with Affinity Health Plan, Inc. (Affinity), arising from an investigation of potential violations of the HIPAA Privacy and Security Rules.

This matter started when Affinity was advised by CBS Evening News that CBS had purchased a photocopier previously leased by Affinity.  CBS explained that the copier’s hard drive contained confidential medical information relating to Affinity patients.  As a result, on August 15, 2010, Affinity self-reported a breach with the HHS’ Office for Civil Rights (OCR).  Affinity estimated that the medical records of approximately 344,000 persons may have been affected by this breach.  Moreover, Affinity apparently had returned multiple photocopiers to office equipment vendors in the past without erasing the data contained upon the internal hard drives of those returned copiers.

After investigating this matter, OCR determined that Affinity had failed to incorporate photocopier hard drives into its definition of electronic protected health information (ePHI) in its risk assessments as required by the Security Rule.  Affinity also failed to implement appropriate policies and procedures to scrub internal hard drives when returning photocopiers to its office equipment vendors.  As a result, OCR determined that Affinity also violated the Privacy Rule.

In discussing this issue, Leon Rodriguez, Director of OCR, stated that, “This settlement illustrates an important reminder about equipment designed to retain electronic information: Make sure that all personal information is wiped from hardware before it is recycled, thrown away or sent back to a leasing agent…HIPAA covered entities are required to undertake a careful risk analysis to understand the threats and vulnerabilities to individuals’ data, and have appropriate safeguards in place to protect this information.”

In addition to the agreed upon settlement payment of $1,215,780, the settlement also requires the implementation of a Corrective Action Plan (CAP).  The CAP requires Affinity to use its best efforts to retrieve all hard drives that were contained on photocopiers previously leased by the plan that remain in the possession of the leasing agent, and take protective measures to safeguard all ePHI going forward.

Points to Consider

Affinity’s case demonstrates the risks presented by the modern copier – they are specialized computers that will store data and retain itindefinitely.  Thus, they pose a security risk for any company that processes and/or possesses personally identifiable information or proprietary information, such as trade secrets, research and development records, marketing plans and financial information.  Clearly, this risk applies to businesses regardless of specific business sector.

Therefore, when acquiring a copier, consider all options available to protect the data processed on that machine, typically through encryption or overwriting.  Encryption will scramble the data that remains stored on the copier’s hard drive.  Overwriting (or wiping) will make reconstructing the data initially on the drive very difficult.

Finally, anticipate the copier’s return to the vendor or other disposition.  Make sure that arrangements are made prior to the copier’s departure to effect the hard drive’s removal and secure disposition so as to make any data on it unusable to third parties.  Often vendors will provide such a service as will IT consultants.

Note that protecting sensitive information is a company’s ongoing responsibility.  Make sure that copiers are considered as part of any comprehensive data security or privacy policy (as are PCs, laptops, smart phones, flash drives and other electronic devices) to avoid an avoidable, but costly and embarrassing, data breach.

For additional information from the FTC on safeguarding sensitive data stored on the hard drives of digital copiers, click here.

Article By:

 of

U.S. Medical Oncology Practice Sentenced for Use and Medicare Billing of Cancer Drugs Intended for Foreign Markets

GT Law

In a June 28, 2013 news release by the Office of the United States Attorney for the Southern District of Californiain San Diego, it was reported that a La Jolla, California medical oncology practice pleaded guilty and was sentenced to pay a $500,000 fine, forfeit $1.2 million in gross proceeds received from the Medicare program, and make restitution to Medicare in the amount of $1.7 million for purchasing unapproved foreign cancer drugs and billing the Medicare program as if the drugs were legitimate. Although the drugs contained the same active ingredients as drugs sold in the U.S. under the brand names Abraxane®, Alimta®, Aloxi®, Boniva®, Eloxatin®, Gemzar®, Neulasta®, Rituxan®, Taxotere®, Venofer® and Zometa®), the drugs purchased by the corporation were meant for markets outside the United States, and were not drugs approved by the FDA for use in the United States. Medicare provides reimbursement only for drugs approved by the Food and Drug Administration (FDA) for use in the United States. To conceal the scheme, the oncology practice fraudulently used and billed the Medicare program using reimbursement codes for FDA approved cancer drugs.

In pleading guilty, the practice admitted that from 2007 to 2011 it had purchased $3.4 million of foreign cancer drugs, knowing they had not been approved by the U.S. Food and Drug Administration for use in the United States. The practice admitted that it was aware that the drugs were intended for markets other than the United States and were not the drugs approved by the FDA for use in the United States because: (a) the packaging and shipping documents indicated that drugs were shipped to the office from outside the United States; (b) many of the invoices identified the origin of the drugs and intended markets for the drugs as countries other than the United States; (c) the labels did not bear the “Rx Only” language required by the FDA; (d) the labels did not bear the National Drug Code (NDC) numbers found on the versions of the drugs intended for the U.S. market; (e) many of the labels had information in foreign languages; (f) the drugs were purchased at a substantial discount; (g) the packing slips indicated that the drugs came from the United Kingdom; and (h) in October, 2008 the practice had received a notice from the FDA that a shipment of drugs had been detained because the drugs were unapproved.

In a related False Claims Act lawsuit filed by the United States, the physician and his medical practice corporation paid in excess of $2.2 million to settle allegations that they submitted false claims to the Medicare program. The corporation was allowed to apply that sum toward the amount owed in the criminal restitution to Medicare. The physician pleaded guilty to a misdemeanor charge of introducing unapproved drugs into interstate commerce, admitting that on July 8, 2010, he purchased the prescription drug MabThera (intended for market in Turkey and shipped from a source in Canada) and administered it to patients. Rituxan®, a product with the same active ingredient, is approved by the Food and Drug Administration for use in the United States.

Article By:

 of

Resale Price Maintenance in China: Enforcement Authorities Imposing Large Fines for Anti-Monopoly Law Violations

McDermottLogo_2c_rgb

Recently Shanghai High People’s Court reached a decision in the first lawsuit involving resale price maintenance (RPM) since China’s Anti-Monopoly Law (AML) came into effect five years ago.  Shortly thereafter, a key enforcement agency announced RPM-related fines against six milk powder companies, five of which are non-Chinese.  Both cases clearly show that RPM can be a violation of the AML, and that RPM is currently under much greater scrutiny by enforcement authorities.  It would be prudent for all foreign corporations active in China’s consumer markets to take heed of these changes in China and conduct an immediate review of any potential RPM violations.

On 1 August 2013 the Shanghai High People’s Court reached a decision in the first anti-monopoly lawsuit involving resale price maintenance (RPM) since China’s Anti-Monopoly Law (AML) came into effect in August 2008.  In addition to this judicial decision, on 7 August 2013 one of the key agencies in charge of enforcing the AML, the National Development and Reform Commission (NDRC), announced RPM-related fines of USD 109 million against six milk powder companies, five of which are non-Chinese.  Both the High People’s Court and the NDRC have been striving to clarify how they will treat RPM, and specifically have focused on the issue of whether RPM should be treated as a per se violation or should be evaluated according to a “rule of reason” analysis.

Judicial Decisions in Civil Lawsuits

According to the recent decision by the Shanghai High People’s Court, in order to hold that an RPM provision is a monopoly agreement, the court must find that the RPM provision has restricted or eliminated competition.  Furthermore, the burden of proof will be on the plaintiff to show a restriction or elimination of competition arising out of the RPM.  The High People’s Court explicitly stated that this burden is the opposite from the burden of proof for horizontal monopolies, such as a cartel, in which case the burden of proof falls on the defendant to show that the agreement does not have any effect of eliminating or restricting competition.  This burden for horizontal monopolies has been further examined and confirmed by the “Judicial Interpretation of Anti-Monopoly Disputes” that was issued by China’s Supreme People’s Court on 1 June 2012.

Administrative Decisions in Enforcement Actions—Liquor and Infant Milk Formula

There have been several key RPM enforcement actions in 2013.  In February, the NDRC imposed a fine of USD 80 million on the famous Chinese liquor brands Maotai and Wuliangye for requiring distributors to resell the products above a certain price, which is common in some sectors in China.  On 2 July, according to the Price Supervision and Anti-Monopoly Bureau of the NDRC, six milk powder companies came under investigation for RPM violations of the AML.  According to the NDRC’s statements on the case, “from the evidence obtained, the milk powder companies under investigation instituted price controls over distributors and retailers, which excluded and limited market competition and therefore are alleged to have violated the Anti-Monopoly Law”.  The NDRC later announced record fines in that case of USD 109 million, which were the equivalent of between 3 per cent and 6 per cent of the companies’ revenue in 2012.

According to media reports, in the Maotai and Wuliangye cases, the NDRC provided clear indications about some of the factors that it will consider when determining whether the RPM has “eliminated or restricted competition”.   Specifically, when assessing the relevant market and market power of the two companies, the NDRC analysed the market structure and the role played by the two companies in the liquor industry, as well as the degree to which the products are substitutable with similar products and the loyalty of consumers towards the two liquors.  Based on this analysis, the NDRC concluded that the RPM provisions in the agreements with distributors of the two liquor giants eliminated and restricted competition, and thus were vertical “monopoly agreements”.

According to recent media reports, the NDRC has indicated it will “severely crack down” on and sanction vertical monopoly agreements such as RPM if they are maintained by business operators dominant in the market.  If business operators are not dominant, the NDRC reportedly indicated that it would still investigate all vertical monopoly conduct and determine if there has been any elimination or restriction of competition.

Conclusions

These civil lawsuits and administrative cases clearly show that RPM can be a violation of the AML and that RPM is currently under much greater scrutiny by enforcement authorities.  If RPM is an issue in civil lawsuits, a plaintiff will have to prove that RPM eliminates or restricts competition.  However, there are some indications that this burden of proof may be easily met.  In administrative cases, the NDRC will have to be satisfied that it has sufficient proof to show there is an elimination or restriction of competition.  However, it is unclear what level of evidence would be required to show such a restriction and it may not be a very high level, especially if the accused business operator is dominant in the market.

RPM has been a common feature of distribution agreements and other contracts in many sectors in China.  However, the recent cases clearly show there is a serious compliance risk if RPM continues to be part of a corporation’s normal practices.  This is particularly true for business operators that have a dominant market position or a group of business operators that are regarded as jointly dominant under the AML (in China, in certain circumstances, dominance is presumed with a market share as low as 10 per cent).  Unless the RPM conduct clearly falls within an exception in Article 15 of the AML, a company using RPM may face serious fines and confiscation of illegal gains.  It would be prudent for all foreign corporations active in China’s consumer markets to take heed of these changes to the enforcement priorities of the competition/antitrust authorities in China and conduct an immediate review of any potential RPM violations.

Alex An and Jared Nelson also contributed to this article.

Article By:

 of

Mexico: U.S. Natural Gas Savior?

Bracewell & Giuliani Logo

Much has been made of the exponential growth in natural gas supply within the continental United States due to the horizontal drilling and fracking techniques employed in recent years. The resulting natural gas glut has reversed the conventional wisdom that America would be a net importer of natural gas for most of the 21st century with the expectation now being that America, despite being by far the world’s largest consumer of hydrocarbons, will be a significant exporter of natural gas overseas in the coming years and decades. This development has resulted in a flurry of proposed liquefied natural gas (“LNG”) terminals that hope to export natural gas in order to take advantage of the large spreads between prices in America and those in Europe and Asia. Those price spreads exist because a worldwide market for natural gas doesn’t exist, as opposed to oil where the relatively short-lived Brent-WTI price differential has evaporated in recent months.

However, these export terminals cannot export gas to foreign countries lacking a free trade agreement with the U.S. without permits from the U.S. Department of Energy and the Federal Energy Regulatory Commission (“FERC”). The queue for approval is long with only three facilities (including most recently the Lake Charles LNG Project in Lake Charles, Louisiana) receiving approval from the Department of Energy and only one of those (the Sabine Pass project in Cameron Parish, Louisiana) receiving approval from FERC. Given the long construction lead times for these projects and political pressure from environmentalists and buyers of natural gas who want prices to remain low, it won’t be until 2016 when any significant volumes of LNG are exported from the continental United States. Rival producers such as Qatar, Australia and Indonesia are rapidly signing contracts with Japan, Korea and China to satisfy the long-term needs of those countries as America continues to delay the development of its LNG infrastructure.

Meanwhile, the historically low natural gas prices created by the production glut are forcing energy companies to find a profitable market for their natural gas in the short to medium term. They appear to have found one in America’s backyard: Mexico. Constructing pipelines to straddle the U.S.-Mexico border entail less regulatory complexities and attract less political attention than LNG exports. With the existing U.S.-Mexico natural gas pipelines almost at capacity, energy companies cannot build border pipelines fast enough, with several new pipeline projects coming online, including Kinder Morgan’s El Paso Natural Gas Co. export pipeline near El Paso, Texas, with a capacity of 0.37 billion cubic feet per day. According to the U.S. Energy Information Administration all of the in-progress pipeline projects on the U.S.-Mexico border could result in a doubling of American natural gas exports to Mexico by the end of 2014.

This new export market should continue to support U.S. shale development in the near-term and medium-term future, especially in Texas, despite low natural gas prices and continued supply growth. Longer term prospects for U.S. natural gas exports to Mexico are also bright as well. Even though Mexico has large hydrocarbon reserves itself, the 1938 nationalization of its oil industry and the subsequent decades of underinvestment have seen Mexican hydrocarbon production steadily decline in the last decade. The Mexican constitution effectively prohibits private investment in hydrocarbon production and the Mexican public firmly believes in public ownership of hydrocarbons. There is widespread agreement among many Mexican politicians that private capital, especially from U.S. energy companies with the expertise to tap offshore and shale hydrocarbons, is needed to reverse the production decline, but whether public opposition can be overcome remains in doubt. Mexican President Enrique Peña Nieto is pushing constitutional reforms to attract foreign capital, but even if those pass Mexico is years away from converting any private capital into increased production. If those reforms do not pass, Mexico will be forced to continue to look to U.S. natural gas producers to provide it with its growing energy needs.

So while a regulatory bottleneck is endangering America’s ability to be a long-term overseas exporter of natural gas, Mexico, with its growing economy and inability to tap its own reserves, seems poised to play an outsized role in a continued expansion of American natural gas production. LNG exports might be the wave of the future, but natural gas exports to Mexico are the here and now.

 of

Doing Business In Latin America: Does Your Local Supplier Have Best Practices In Place So That Your Company Can Avoid Liability Under The Foreign Corrupt Practices Act (FCPA)?

Sheppard Mullin 2012

Imagine yourself the CEO of a successful multinational company. In the past few years, you have overseen ACME’s expansion into Latin America – a market whose demographic profile holds the promise of mouthwatering profits for your company, particularly with the upcoming holiday season. As they say, la vida es buena!

In planning for the Latin America expansion, you knew about the rules and prohibitions of the Foreign Corrupt Practices Act (“FCPA”) and implemented measures to ensure your employees do not run afoul of the law. However, you may not have known that the company can incur FCPA liability for payments made by third parties, such as such as suppliers, logistics providers, and sales agents, with whom your company works. In fact, a company can be held liable if it knows or should know that a third-party intends to make a corrupt payment on behalf of or for the benefit of the company. Because a company can be responsible for conduct of which it should have known, a conscious disregard or deliberate ignorance of the facts will not establish a defense.

To protect your company from third party liability, it is essential to perform due diligence on potential business partners. This is not to say that you cannot consider the recommendations of local employees in selecting business partners. Relying on those recommendations alone, however, could expose the company to FCPA liability if that company does not conduct itself with the same level of integrity that you do. The amount of diligence necessary varies from one potential business partner to the next and can include an anti-corruption questionnaire, document review, reference interviews, or local media review, among other things.

That’s all well and good, but what about companies with whom you are already doing business and whom you now realize you may not have adequately investigated? Asking to review those companies’ FCPA compliance policies is a good first step. If you determine that a policy is inadequate, you may ask the company to provide FCPA training to its employees. You should also carefully monitor the company’s contract performance to ensure compliance. In particular, you should consider evidence of unusual payment patterns, extraordinary “commissions,” or a lack of transparency. The key question is: how is the company spending your money?

When in doubt, experienced legal counsel can assist you in navigating these and other FCPA issues. For example, Sheppard Mullin offers Spanish language training on the provisions of the FCPA and advice for successfully implementing internal safeguards and controls to protect against FCPA liability.

With a solid FCPA plan in place, your thoughts wander back to the upcoming holiday season and your company’s projected profits for the new Latin America division and you smile to yourself. La vida es buena.

 of

International Trade Commission Addresses Use of Standard-Essential Patents in Section 337 Investigations

McDermottLogo_2c_rgb

The International Trade Commission (ITC) addressed for the first time the issue of whether infringement of a patent that has previously been declared “standard-essential” may form the basis for either a limited exclusion order or cease-and-desist order under a § 337, ruling that nothing in the ITC’s enabling statute prevents issuing an exclusion order, even if the complainant is under an obligation to license the patent.  Certain Electronic Devices, Including Wireless Communication Devices, Portable Music and Data Processing Devices, and Tablet Computers, Inv. No. 337-TA-794, (U.S. ITC, June 4, 2013) (ITC, per curiam); Commissioner Pinkert, dissenting).

The complainant, Samsung Electronics, held two patents that it had previously declared to be “standard-essential” to the Universal Mobile Telecommunications System promulgated by the European Telecommunications Standards Institute (ETSI).  ETSI’s Intellectual Property Rights policy required Samsung to offer licenses to such patents on fair, reasonable and non-discriminatory (FRAND) terms.  After licensing negotiations between Samsung and the respondent, Apple, broke down, Samsung filed a complaint at the ITC requesting a limited exclusion order against Apple’s mobile communication products.  After the administrative law judge ruled, on an initial determination (ID), that none of the patents at issue were valid and infringed, the ITC determined to review the ID and sought views from both the parties and the public as to whether Samsung’s declaration of the patents at issue as “standard-essential” should affect either the ITC’s analysis of whether there was a violation of § 337 or what relief should be provided.

In its final determination, the ITC found one of the two patents to be both valid and infringed, and that the proper relief was a limited exclusion and cease-and-desist order directed to the infringing articles.  The ITC first rejected Apple’s argument that the Commission should not investigate an alleged violation of § 337 based on infringement of patents subject to a FRAND undertaking, ruling that under § 337(b)(1), the ITC is required to investigate any alleged violation based upon a complaint under oath, whether or not those patents have been declared standard-essential.  The ITC also rejected Apple’s theory that the Commission “cannot address infringement of standard-essential patents other than in the exceptional scenarios such as where a potential licensee has refused to pay a royalty after a U.S. court has determined that royalty to be FRAND, or where no U.S. court has jurisdiction over the potential licensee in order to set a FRAND rate,” ruling that the remedies provided under § 337 could be imposed in addition to any damages or injunctions available from a district court.

The ITC further determined that Apple had not “properly argued any affirmative defense that would preclude the Commission from finding a violation based on assertion of a declared-essential patent,” such as a breach of contract, promissory estoppel, laches or fraud  The ITC ruled that even if Apple had offered sufficient evidence that the FRAND declaration was a legally enforceable obligation, the patents at issue were actually necessary to practice the standard and that Samsung was required to grant irrevocable licenses under FRAND terms to any party, it still would not have found in Apple’s favor, because the parties’ final offers were sufficiently close to each other that Samsung did not violate its obligation to negotiate in good faith.  Importantly, the ITC found that Samsung was not under any obligation to make an initial offer that was FRAND, because “the SSO intends the final license to be accomplished through negotiation” and “even if it were true that a FRAND agreement that requires Apple to pay Samsung ultimately is not reasonable, the offers that Apple criticizes do not necessarily demonstrate that Samsung has violated its FRAND obligations by failing to negotiate in good faith” (emphasis in original).  Finally, the ITC rejected the theory that whether a patent has been declared standard-essential should be considered when the public interest is analyzed, finding that its consideration of the public interest is limited solely to the four factors listed in § 337(d)(1).

Uncommonly for a Commission opinion, Commissioner Dean Pinkert wrote a dissent arguing that the ITC should not issue an exclusion order based on Samsung’s obligation to license the patents on a FRAND basis, that the evidence indicated Samsung was unwilling to make a FRAND licensing offer with respect to the standard-essential patents and that the absence of a FRAND offer should have a bearing on whether relief under § 337 is in the public interest.  Specifically, Commissioner Pinkert found that it was neither fair nor non-discriminatory for a FRAND-encumbered patent holder to require licenses to non-FRAND-encumbered patents as a condition for licensing the FRAND-encumbered patent.  Commissioner Pinkert also would have found that the statutory language of § 337(d)(1), as well as the legislative history of the statute that “any evidence” of price gouging or monopolistic practices on the part of the complainant would be a proper basis for denying exclusion, suggests that the section should be read broadly.

Practice Note:  The Commission’s rejection of a per se rule barring exclusion orders for patents that have been declared standard-essential is likely to lead to have a number of effects, including increased litigation of standard essential patents at the ITC, counter-suits requesting that a district court rule determine what royalty rate is FRAND and/or requesting that a complainant be enjoined from proceeding before the ITC, presidential review taking on increased importance and potential legislative action to curb the ITC’s jurisdiction.

Article By:

 of

Federal Trade Commission (FTC) Settles with HTC America Over Charges it Failed to Secure Smartphone Software

RaymondBannerMED

Smartphone manufacturer HTC agreed in February to settle Federal Trade Commission (FTC) charges that the company failed to take reasonable steps to secure software it developed for its mobile devices including smartphones and tablet computers. In its complaint, the FTC charged HTC with violations of the Federal Trade Commission Act.  On July 2 the FTC approved a final order settling these charges.

trade FTC smartphone HTC

The FTC alleged HTC failed to employ reasonable security measures in its software which led to the potential exposure of consumer’s sensitive information. Specifically, the FTC alleged HTC failed to implement adequate privacy and security guidance or training for engineering staff, failed to follow well-known and commonly accepted secure programming practices which would have ensured that applications only had access to users’ information with their consent. Further, the FTC alleged the security flaws exposed consumers to malware which could steal their personal information stored on the device, the user’s geolocation information and the contents of the user’s text messages.

HTC is a manufacturer of smartphones but it also installs its own proprietary software on each device. It is this software that the FTC targeted. While HTC smartphones run Google’s Android operating system, the HTC software allegedly introduced significant vulnerabilities which circumvented some of Android’s security measures.

As part of the settlement consent order, HTC agreed to issue security patches to eliminate the vulnerabilities. HTC also agreed to establish a comprehensive security program to address the security risks identified by the FTC and to protect the security and confidentiality of consumer information stored on or transmitted through a HTC device. HTC further agreed to hire a third party to evaluate its data and privacy security program and to issue reports every two years for the consent order’s 20 year term. The implication of the FTC’s policy makes it clear that companies must affirmatively address both privacy and data security issues in their custom applications and software for consumer use.

Financial Services Legislative and Regulatory Update – July 15, 2013

Mintz Logo

Leading the Past Week

Although there were several hearings and major implementations of Dodd-Frank rules, the leading story from the past week had to be Majority Leader Harry Reid (D-NV) filing cloture on seven Administration nominees, including Richard Cordray to continue as head of the Consumer Financial Protection Bureau (CFPB).  This is the start of a process that could end up with Leader Reid going for the “nuclear option” of changing the Senate rules dealing with the filibuster of certain nominations.  Based on some reports, it appears that Reid has the votes and that Cordray may be the sticking point in the negotiations.  Interestingly,  late last week Chairman Tim Johnson (D-SD) and the eleven other Democratic Members of the Banking Committee, wrote Minority Leader Mitch McConnell (R-KY) to end the Republican filibuster of Cordray’s nomination, requesting “an up-or-down vote on the nominee’s merits.”

While it remains to be seen how the filibuster cold war will resolve itself, last week the Congressional Budget Office (CBO) announced that the government achieved a surplus of $116.5 billion in June, the largest in five years.  This surplus, due in part to $66.3 billion in dividend payments from the GSEs, only solidified that this fall will see yet another convergence of a debt ceiling / government funding fight as both the debt limit and end of the federal fiscal year appear to be aligned to come due at the same time.  

We also saw several important steps forward in the implementation of the Dodd-Frank Act, including a proposed leverage ratio rule, approval of a final rule implementing capital requirements in excess of those required by Basel III, the designation of two nonbanks as SIFIs, and the long awaited announcement of the Commodity and Futures Trade Commission’s (CFTC) cross-border derivatives rulemaking.

Legislative Branch

Senate

Senate Banking Hearing Discusses Dodd-Frank Progress, Risk Mitigation

On July 11th, the Senate Banking Committee met to discuss Dodd-Frank implementation progress and whether financial reforms have succeeded in mitigating systematic risk from large financial institutions.  Witnesses included Treasury Under Secretary for Domestic Finance Mary Miller, Fed Governor Daniel Tarullo, Federal Deposit Insurance Commission (FDIC) Chairman Martin Gruenberg, and Office of the Comptroller of the Currency (OCC) head Thomas Curry.  In their testimony, regulators said that they expect almost all remaining Dodd-Frank rules, including capital surcharges for systematically important banks, the Volcker Rule, and liquidity rules to be finalized by the end of the year.  Regulators also expressed confidence that the recently finalized Basel III rules, when combined with proposed stricter leverage requirements, will be an effective means of ensuring that banks carry enough capital.  Notwithstanding the assertion of the regulators that the implementation of Dodd-Frank was nearing a close, Ranking Member Crapo remarked in his opening statement that there is a growing bipartisan consensus that some parts of Dodd-Frank need to be reformed.  In particular, he mentioned the burden of regulations on community banks, short-term wholesale funding, debt to equity ratios for large banks, and the perceived continuation of “too big to fail” as areas that require address.   

Democratic Senators Request CFPB, DOL Look Into Prepaid Payroll Cards

Following a front page story in the New York Times, on July 11th, sixteen Senate Democrats wrote to the CFPB and Department of Labor (DOL) requesting that the agencies investigate fees and practices associated with pre-paid payroll cards.  The letter was particularly strong, including the assertion “that mandating the use of a particular payroll card, with no available alternative, seems clearly to violate federal law,” the lawmakers requested that CFPB Director Cordray clarify whether employers provide sufficient alternatives for payment. The letter was signed by Senators Richard Blumenthal (D-CT), Chuck Schumer (D-NY), Joe Manchin (D-WV), Tom Harkin (D-IA), Barbara Boxer (D-CA), Dick Durbin (D-IL),  Debbie Stabenow (D-MI), Bob Menendez (D-NJ), Ben Cardin (D-MD), Robert Casey (D-PA), Jeffrey Merkley (D-OR), Brian Schatz (D-HI), Martin Heinrich (D-NM), Elizabeth Warren (D-MA), Mark Warner (D-VA), and Al Franken (D-MN).  It is unclear whether this letter will spur the CFPB to re-engage on its broader general purpose reloadable card ANPRM that is still pending with the agency.

Bipartisan Group of Senators Introduce the 21st Century Glass-Steagall Act

On July 11th, Senators Elizabeth Warren (D-MA), John McCain (R-AZ), Maria Cantwell (D-WA), and Angus King (I-ME) introduced legislation that would reinstate the Glass-Steagall Act by separating FDIC insured depository divisions from riskier banking activities such as investment banking, insurance, swaps dealing, and hedge fund and private equity activities.  By curbing those activities at federally insured institutions, the bill aims to eliminate the concept of “too big to fail” by making institutions smaller and thus decreasing the need, either real or perceived for a government bailout if the institution were to fail.

Senate Banking Leaders to Introduce FHA Reform Bill

Last week, Senate Banking Committee Chairman and Ranking Member Tim Johnson (D-SD) and Mike Crapo (R-ID) announced they will introduce legislation this week to provide the Federal Housing Administration (FHA) with additional authority, including the ability to charge higher premiums, to “get back on stable footing.” The FHA currently has a $943 million short fall in its insurance fund and a Treasury bailout is expected without additional Congressional action. The House has already passed a measure this year which would allow the agency to make changes to the Home Equity Conversion Mortgage program.

House of Representatives

House Approves FSOC, PCAOB Bills

On July 8th, the House passed two bills, the first to require the Financial Stability Oversight Council (FSOC) to study the effects of derivatives-related capital exemptions, and the second to bar the Public Accounting Oversight Board (PCAOB) from requiring public companies to regularly change auditors. The Financial Competitive Act of 2013 (H.R. 1341) passed the House by a 353 to 24 vote and directs the FSOC to study and report to Congress on an exemption for EU banks from the credit valuation adjustment (CVA) capital charge which was part of the Basel III agreements. The Audit Integrity and Job Protection Act (H.R. 1564) passed the House by a 321 to 62 vote and would do away with mandatory audit-form rotations currently required by the agency. Ranking Member of the House Financial Services Committee Maxine Waters (D-CA) expressed concern that the bill would result in “diminished information” and increased costs. The legislation also directs the Government Accountability Office to update a 2003 study on the Potential Effects of Mandatory Audit Firm Rotation.

House Republicans Unveil Housing Finance Reform Legislation

On July 11th, Chairman of the Financial Services Committee Jeb Hensarling (R-TX), unveiled the Protecting American Taxpayers and Homeowners (PATH) Act which would reform the US housing finance system by phasing out Fannie Mae and Freddie Mac and moving to a largely private system. The legislation would continue to wind down the GSEs’ portfolios while establishing new rules for private covered bonds and mortgage bonds. The legislation would also reign in the FHA and its ability to insure loans for only low income borrowers, reducing how much of a loan the FHA can insure. Notably, the proposal would also repeal the Dodd-Frank Act’s risk-retention rule and place a two year hold on Basel III capital rules. Also worth noting is that despite earlier hopes that Hensarling and Ranking Member Maxine Waters (D-CA) might be able to find some common ground housing reform, Ms. Waters said she was “strongly disappointed” by Hensarling’s proposal.  The Committee would hold a hearing on July 18th to examine the legislation.

House Financial Services Subcommittee Grills CFPB Over Data Collection

On July 9th, the House Financial Services Subcommittee on Financial Institutions and Consumer Credit held a hearing to examine how the CFPB collects and uses consumer data and personal information. CFPB Acting Deputy Director Steven Antonakes received heavy criticism from Committee Republicans for being unable to provide exact numbers on how many Americans the Bureau has collected information.  Republican lawmakers also criticized many of the data collection practices of the agency, citing concerns that the collection infringes on citizens’ right to privacy and attempting to draw analogies to the current NSA and IRS scandals.  Still, Antonakes and to some extent, Committee Democrats insisted that the CFPB is a data-driven agency, that the data being collected is, except when the result of a consumer contact, anonymized and that the CFPB takes very seriously its obligation to protect its data as it is vital to the Bureau’s work.                                                   

 

House Financial Services Subcommittee Explores Constitutionality of Dodd-Frank

On July 9th, the House Financial Services Subcommittee on Oversight and Investigations held a hearing to consider potential legal uncertainties in the Dodd-Frank Act.  The hearing featured testimony from three constitutional scholars, each of whom expressed concern that certain provisions of the law may be unconstitutional.  Professor Thomas Merrill, of Columbia Law School, argued that there are large constitutional concerns surrounding the orderly liquidation provision and the government’s power to seize control of an institution.  While the provision is likely legal, he said, it would undoubtedly be litigated the first time it is invoked. In addition, Boyden Gray, testified that Dodd-Frank violates separation of power by giving too much power to regulators, while Timothy McTaggart, a partner at Pepper Hamilton LLP, argued that Dodd-Frank ultimately does not violate separation of powers or the due process clause. 

House Financial Services Subcommittee Explores Small Business Capital Formation

On July 10th, the House Financial Services Subcommittee on Capital Markets and Government Sponsored Enterprises held the second in a series of hearings exploring existing barriers to capital formation.  In his opening statement, Chairman Scott Garrett (R-NJ) made it clear that the sponsors of last year’s JOBS Act are not satisfied with the bill’s implementation and are looking for new ideas to help small businesses build capital.  Additional proposals could include increasing tick sizes, creating special exchanges for the stock of small companies, and changing filing rules for small business financial statements. Witnesses expressed additional concerns; Kenneth Moch, CEO of Chimerix, noting the cost of compliance with internal controls associated with Sarbanes-Oxley, and Christopher Nagy, President of Kor Trading, calling for patent litigation reform.

House Appropriations Subcommittee Marks Up FY 2014 Financial Services Spending Bill

On July 10th, the House Appropriations Subcommittee on Financial Services and General Government met to consider the $17 billion FY2014 Financial Services and General Government spending bill, approving the legislation by voice vote. The bill funds a variety of agencies, including the Securities and Exchange Commission (SEC), Treasury, Internal Revenue Service (IRS), and others. The legislation boosts the SEC’s budget by $50 million to $1.4 billion, a figure that is still over $300 million dollars short of the President’s budget request.  In addition, the bill would bring the CFPB into the normal appropriations process beginning in 2015, something which Republicans have sought to do since the standing up of the Bureau. Despite serving as one of the main sticking points against Director Cordray’s confirmation, the bid to move the Bureau’s funding out from the control of the Federal Reserve is unlikely to be successful.

Executive Branch

CFTC

CFTC Finalizes Cross-Border Derivatives Rule, Including Effective Date Delay

Following several weeks of rampant speculation over the fate of the CFTC’s proposal to regulate cross-border swaps trades, the CFTC voted 3 to 1 on July 12th phase in guidance governing how U.S. derivatives laws apply to foreign banks. The CFTC also approved an “exemptive order” extending the effective date for the new requirements to 75 days after the guidance is published in the Federal Register. In addition, by December 21st, the Commission hopes to approve additional “substituted compliance” requests that will enable market participants to meet the requirements put out by other countries, including the EU, Japan, Hong Kong, Australia, Canada, and Switzerland.

The CFTC’s vote follows the news that the Commission reached an agreement with EU regulators on how the two regulatory zones would oversee cross-border derivatives deals. The agreement will allow uncleared transactions that are deemed to fall under certain “essentially identical” US and EU rules to be governed by just the EU. In addition, the agreement allows US market participants to directly trade on a foreign board of trade and addresses US fears over loopholes for firms engaged in high-risk overseas operations, among other things. The CFTC also released four “no-action letters” on July 11thwhich implement the agreement with the EU.

Federal Reserve

Federal Reserve Releases Minutes of June FOMC Meeting

On July 10th, the Fed released the minutes of the June 18th and 19th meeting of the Federal Open Markets Committee. Following market disruptions after Chairman Bernanke’s statements after the June meeting, the FOMC minutes shed light on how the Fed plans to proceed in winding down its quantitative easing program by stressing that continuation of the monthly billion dollar asset purchases will largely depend on continued economic growth. Regardless of the exact timing, it appears a tapering of the highly accommodative monetary policy will occur in the near- to mid-term, as the minutes state: “several members judged that a reduction in asset purchases would likely soon be warranted, in light of the cumulative decline in unemployment since the September meeting and ongoing increases in private payrolls, which had increased their confidence in the outlook for sustained improvement in labor market conditions.”

Regulators Propose Exempting Certain Mortgages from Appraisal Requirements

On June 10th, six regulatory agencies issued a proposed rule exempting certain subsets of high-priced mortgages from Dodd-Frank appraisal requirements.  The exempted mortgages include loans of $25,000 or less, certain “streamlined” refinancings, and some loans for manufactured homes. The new rule is meant to lower cost hurdles for borrowers and improve mortgage lending practices.  The proposal was released jointly by the Fed, CFPB, FDIC, OCC, Federal Housing Finance Administration (FHFA), and the National Credit Union Administration (NCUA).

FDIC

Regulators Propose Leverage Ration Rule; Finalize Rule Implementing Basel III Agreement

On July 9th, the Fed, FDIC, and OCC released a new proposal which would require federally insured banks with more than $700 billion in assets to meet a 6 percent leverage ratio, double the 3 percent ratio agreed to under the Basel III. The proposed rule would currently capture eight US banks, including: JPMorgan Chase, Bank of America, Bank of New York Mellon, State Street, Citigroup, Goldman Sachs, Wells Fargo, and Morgan Stanley. The holding companies of these institutions would be required to meet a 5 percent leverage threshold, the Basel III 3 percent minimum plus a 2 percent buffer. The same day the FDIC and OCC finalized an interim final rule to implement the Basel III international bank capital agreement, which the Federal Reserve adopted unanimously the previous week.

Treasury

FSOC Releases Final AIG, GE SIFI Designations

On July 9th, the Financial Stability Oversight Council (FSOC) voted to designate American International Group (AIG) and GE Capital as the first two nonbank financial companies required to meet additional regulatory and supervisory requirements associated with being systemically important financial institutions (SIFIs). As such, these companies will be subject to supervision by the Fed’s Board of Governors and to enhanced prudential standards. In deciding to designate these two nonbanks, the FSOC noted AIG’s “size and interconnectedness” and GE’s role as a “significant participant in the global economy and financial markets.” Remarking on the designations, Treasury Secretary Jack Lew said that they will help “protect the financial system and broader economy” and that the Council will “continue to review additional companies in the designations process.”

CFPB

Bureau Updates 2013 Rulemaking Schedule

On July 8th, the OIRA released an updated list of rulemakings and their status at the CFPB.  The list included a variety of items, at different stages of the rulemaking process. 

CFPB Warns it Will Closely Scrutinize Debt Collection

On July 0th, the CFPB announced that it will be heavily examining the practices used to collect debt from borrowers.  The CFBP also said that it will be looking into the activities of both third-party collection agencies, which are subject to regulations under the Fair Debt Collection Practices Act (FDCPA), in addition to lenders trying to collect directly from borrowers who are not covered by FDCPA. As part of this effort, the Bureau has published two bulletins outlining illegal and deceptive debt collection practices. The first bulletin outlines that any creditor subject to CFPB supervision can be held accountable for any unfair, deceptive, or abusive practices in collecting a consumer’s debts. The first bulletin also warns against threatening actions, falsely representing the debt, and failing to post payments. The second bulletin cautions companies about statements they make about how paying a debt will affect a consumer’s credit score, credit report, or creditworthiness. As part of this crackdown, the CFPB will also begin accepting debt collection complaints from consumers.

SEC

Commission Finalizes JOBS Act General Solicitation Rule

On July 10th, the SEC adopted in a 4 to 1 vote a final rule to lift the ban on general solicitation and general advertising for certain private securities offerings. Commissioner Luis Aguilar was the sole no vote, saying that the rule puts investors at risk. In remarks delivered the same day, Aguilar said that the rule does not contain sufficient investor protections as is, and it is not enough to rely on “speculative future actions to implement common sense improvements” to ensure investor safety. In conjunction with this vote, the agency proposed for comment a separate rule which will increase the amount of disclosures which issuers must provide on public offerings, such as providing the SEC with 15 days advance notice of the sale of unregistered securities, and provide for other new safeguards.  Commissioners Dan Gallagher and Troy Paredes both opposed the new disclosure requirements, citing concerns that they would “undermine the JOBS Act goal of spurring our economy and job creation.” The SEC also approved in a 5 to zero vote a rule which would prohibit felons and other “bad actors” from participating in offerings.

Lawmakers on both sides of the aisle had strong opinions about the final general solicitation rule. Democratic lawmakers, though somewhat assuaged by the additional disclosure safeguards, echoed Commissioner Aguilar’s sentiments regarding investor safety. In particular, Senator Carl Levin (D-MI) said in a statement that he was disappointed in Chairman Mary Jo White for advancing a rule with too few investor protections.  On the other hand, Representative Patrick McHenry (R-NC) accused the SEC of flaunting Congressional intent by moving forward with the additional filing and disclosure requirements, saying the requirements will “unjustifiably burden American entrepreneurs” and “neutralize congressional intent.”

SEC Delays Rules on Retail Forex Transactions

On June 11th, the SEC agreed to delay rulemaking on restrictions to retail foreign exchange (forex) trading by up to three years.  The SEC said that it would use the additional time to assess the market for off-exchange foreign currency contracts and determine if more targeted regulations are necessary.  While the vote for the extension was private, Commissioner Aguilar publically criticized the delay, saying that the transactions, while profitable, pose unnecessary risks to small investors in the economy.   

OCC

Martin Pfinsgraff to be OCC Senior Deputy Comptroller for Large-Bank Supervision

On July 11th, US Comptroller of the Currency Thomas Curry named Martin Pfinsgraff Senior Deputy Comptroller for Large-Bank Supervision.  Pfinsgraff has filled the role on an acting basis since January 30th, and has worked in the OCC since 2011.  Previously, he served as Chief Operating Officer for iJet International, a risk management company, and Treasurer for Prudential Insurance.  In this position, he will continue to supervise 19 of the nation’s biggest banks with over $8 trillion in combined assets.  

International

Basel Committee Considering Simplified Capital Regime

On July 8th, the Basel Committee on Banking Supervision released a paper positing alternative proposals to reform the international capital regime in ways which would simpler and easier to compare global capital levels. Specifically, the Committee proposed reforms such as enhanced disclosures, additional metrics, strategies to ensure effective leverage ratios, and reigning in national discretion as potential options for simplifying the framework. The paper reiterated that risk-based procedures will remain at the heart of the Basel capital framework but these will be complemented by liquidity and leverage ratio metrics.

Upcoming Hearings

  • On Tuesday, July 16th at 10am, in 538 Dirksen, the Senate Banking, Housing and Urban Affairs Committee will meet in executive session to vote on pending nominations. Immediately following votes on nominees, the Committee will hold a hearing titled “Oversight of the Defense Production Act: Issues and Opportunities for Reauthorization.”
  • On Wednesday, July 17th at 10am, in 538 Dirksen, the Financial Institutions and Consumer Protection Subcommittee of Senate Banking, Housing and Urban Affairs Committee will hold a hearing on the consumer debt industry.
  • On Wednesday, July 17th at 10am, in 2128 Rayburn, the House Financial Services Committee will hold a hearing to receive the Semi-Annual Monetary Policy Report to Congress.
  • On Wednesday, July 17th at 2:30pm, in 216 Hart, the Senate Agriculture, Nutrition and Forestry Committee will hold a hearing on the Commodity Futures Trading Commission Reauthorization.
  • On Thursday, July 18th at 10:30am, the Senate Banking, Housing and Urban Affairs Committee will hold a hearing on the Federal Reserve’s Semiannual Monetary Policy Report to the Congress.
  • On Thursday, July 18th at 1pm, in 2154 Rayburn, the Economic Growth, Job Creation and Regulatory Affairs Subcommittee of House Oversight and Government Reform Committee will hold a hearing titled “Regulatory Burdens: The Impact of Dodd-Frank on Community Banking.”
  • On Thursday, July 18th at 1pm in 2128 Rayburn, the House Financial Services Committee will holding a hearing titled “A Legislative Proposal to Protect Americas Taxpayers and Homeowners by Creating a Sustainable Housing Finance System.”
Article By:

of

Federal Judge Finds that Apple Conspired to Raise E-book Prices

McDermottLogo_2c_rgb

On July 10, 2013, Judge Denise Cote of the Southern District of New York issued a 160-page opinion holding that Apple conspired with five book publishers to raise e-book prices and eliminate retail price competition in violation of Section 1 of the Sherman Act and several relevant state statutes.  United States v. Apple Inc., case number 12-civ-2826 (DLC).  The five publishers – Hatchett, HarperCollins, Macmillan, Penguin and Simon & Schuester – had all previously settled with the U.S. Department of Justice (DOJ).

The opinion stated that as Apple prepared to launch its iPad to the public and sought to concurrently enter the e-book market with its iBookstore, it met with the publishers and agreed to provide them with an “agency model” for e-book pricing that allowed the publishers to set the prices of the e-books themselves, subject to certain price caps.  Apple’s agreements with the publishers also included Most Favored Nation provisions which ensured that Apple could match its competitors’ prices and also provided an incentive for the publishers to lobby Amazon and other retailers to change their wholesale business models to agency models.  According to the court’s opinion, these agency model agreements caused e-book prices to increase, sometimes 50% or more for a specific title.

A separate trial for potential damages will be scheduled later.  Apple said it will appeal the ruling.

Article By:

 of

Update on Advanced Micro Devices (AMD) Trade Secret Misappropriation Case: Judge Hillman Issues Narrow Interpretation of the Computer Fraud and Abuse Act (CFAA)

RaymondBannerMED

As originally discussed on this blog back in February, a lawsuit brought by Advanced Micro Devices (AMD) against former employees accused of taking AMD trade secrets with them to competitor Nvidia has been ongoing and a recent opinion in the case highlights the uncertainty surrounding the Computer Fraud and Abuse Act (CFAA).

recent opinion issued by Judge Timothy S. Hillman narrowly interpreted the CFAA in this case. Judge Hillman declined a broad interpretation of the CFAA and held that AMD’s allegations in its complaint are insufficient to sustain a CFAA claim.

The relevant portion of the CFAA provides that it is a violation of the CFAA to:

Knowingly and with intent to defraud, [access] a protected computer without authorization or [exceed] authorized access, and by means of such conduct [further]the intended fraud and [obtain] anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period.

computer broadcast world

There exists a circuit split on the interpretation of this clause. As Judge Hillman noted, the 1st Circuit has not clearly articulated its position on the issue. The broad interpretation defines access in terms of agency or use. That is, whenever an employee breaches a duty of loyalty or a contractual obligation and acquires an interest adverse to their employer, then all subsequent access exceeds the scope of authorized access. Proponents of the narrower interpretation argue that the intent of the CFAA was to deter computer hacking and not to supplement common law trade secret misappropriation remedies and therefore fraudulent means must be used to obtain the information initially.

Judge Hillman utilized a narrow interpretation of the CFAA and held that AMD had not pleaded sufficient facts to maintain a cause of action under the CFAA. AMD had pleaded that the defendants used their authorized access to computer systems to download and retain confidential AMD information which they retained when they left to go work at Nvida. The complaint, while alleging the defendants had the intent to defraud AMD, provided no facts which support the allegation that the defendants obtained the information through fraudulent or deceptive methods.

Judge Hillman did not outright dismiss the claim given the truncated evidentiary record and has allowed AMD the opportunity to plead specific details indicating that some or all of the defendants used fraudulent or deceptive means to obtain the confidential information and that they intentionally defeated or circumvented technologically implemented restrictions to obtain the confidential information. If other judges in the 1st Circuit follow Judge Hillman’s approach, plaintiffs will need to ensure that they plead with sufficient detail that the defendants obtained the information through a fraudulent or deceptive method as opposed to simply obtaining the information through permissible access.