Attorney: JAYNE A. GOLDSTEIN
Pomerantz Monitor, July/August 2014

In an unanimous decision issued on June 25, the Supreme Court held that in most cases the police must obtain a search warrant prior to searching an arrestee’s cell phone. This opinion will affect many of our police organization clients, by hampering the ability of their members to obtain evidence when making an arrest. 

The “search incident to arrest” doctrine allows police to search, without a warrant, the area within the arrested person’s immediate control, to protect officer safety or to prevent escape or the destruction of evidence. The question here was whether an officer is also routinely allowed to rummage through all the files on the arrested person’s cell phone without a search warrant. The Court said no, recognizing that “modern cell phones, as a category, implicate privacy concerns far beyond those implicated by the search of a cigarette pack, a wallet or a purse.” 

The Court recognized that cell phones are repositories of huge amounts of personal information, such as personal messages, bank statements, photographs, notes, mail, lists of contacts and/or prescriptions. “The sum of an individual’s private life can be reconstructed through a thousand photographs labeled with dates, locations, and descriptions; the same cannot be said of a photograph or two of loved ones tucked into a wallet.” In short, “more or two of loved ones tucked into a wallet.” In short, “more than 90% of American adults who own a cell phone keep on their person a digital record of nearly every aspect of their lives…” In order to address safety concerns of the police during an arrest, the police remain free to examine “the physical aspects of a phone to ensure that it will not be used as a weapon,” but once secured, “data on the phone can endanger no one.” To prevent the suspect from destroying evidence on the phone, the Court said that police could remove the phone’s battery or could place the phone in an enclosure that would prevent it from receiving radio waves. The Court also left open the possibility that in exigent circumstances the police could search the phone immediately. 

However, our police officer clients tell us that, at times, immediate access to information contained on a cell phone could be crucial, leading, e.g., to the rapid capture of an accomplice through the reading of text messages, and waiting for a search warrant could permit the accomplice to get away. This ruling will surely lead to more cell phones being seized, to preserve them for possible future searches after a warrant is obtained.

ATTORNEY: Mark B. Goldstein
Pomerantz Monitor, July/August 2014

Pomerantz is representing a class of Target customers who were victimized by a widely-publicized hacking incident late last year. Thieves were able to sneak into customer data files maintained by the company and steal 40 million credit and debit cards numbers and 70 million customer records. Target announced the breach last December and said that consumers who shopped at Target between November 27 and December 15, 2013 were victimized. 

Since then there have been many similar breaches at other companies, including Sally Beauty, Michaels Crafts, and the popular Chinese restaurant chain P.F. Chang’s. Typically, thieves steal card data by hacking into cash registers at retail locations and installing malware that covertly records data when consumers swipe credit and debit cards through the machines. Often, the perpetrators re-encode the data onto new counterfeit cards and use them to buy expensive goods that can be resold for cash. Since last year, the cost of data breaches have risen on average 15%, to $3.5 billion. 

In response, consumers have filed class actions against the companies whose data bases were breached. Consumers and banks have filed more than 90 cases against Target, most of which allege that Target negligent¬ly failed to implement and maintain reasonable security procedures to protect customer data and that it knew, or should have known, about the security vulnerabilities when dealing with sensitive personal information. The cases also allege that Target did not alert customers quickly enough after learning of the security issue. Target did not disclose the data breach until weeks after it was announced by a security blogger. Then, Target revealed weeks later that even more customers were affected than originally announced. 

More recently, consumers sued P.F. Chang’s, alleging that it “failed to comply with security standards and allowed their customers’ financial information to be compromised, all in an effort to save money by cutting corners on security measures that could have prevented or mitigated the security breach that occurred.” The complaint claims that P.F. Chang’s failed to disclose the extent of the security breach and notify its affected customers in a timely manner. 

Data breach lawsuits are a relatively new phenomenon, so there is new law to be made here. There are practices that can cut down on these breaches. Most notably, since the Target breach, there has been much discussion of adopting the European-style “chip and pin” credit cards, whose information is more difficult to hack. These cards use a computer chip embedded in the smartcard, and a personal identification number that must be supplied by the customer. The benefit of the chip and pin system is that cloning of the chip (i.e. reproducing it on a counterfeit card) is not feasible. Only the magnetic stripe can be copied, and a copied card cannot be used on a PIN terminal. The switch to chip and pin credit cards in Europe has cut down theft dramatically. France has cut card fraud by more than 80% since its introduction in 1992. Chip and pin cards are yet to be adopted universally by American vendors. 

In the meantime, consumers should be vigilant with their credit card use, and frequently check their credit card statements. Additionally, consumers subject to data breach should act immediately and cancel their credit cards to limit their vulnerability.

Attorney: MICHELE S. CARINO
Pomerantz Monitor, July/August 2014

On June 30, BNP Paribas, France’s biggest bank and one of the five largest banks in the world, pled guilty to charges that it conspired to violate the International Economic Powers Act and the Trading with the Enemy Act. It agreed to forfeit approximately $8.9 billion traceable to its misconduct. This is the largest amount paid by any bank to settle allegations brought by the U.S. government and bank regulators. 

According to the Statement of Facts the Justice Department filed in the U.S . District Court in the Southern District of New York, from at least 2004 through 2012, BNP processed thousands of transactions through the U.S. financial system on behalf of banks and entities located in countries subject to U.S. sanctions, including Sudan, Iran, and Cuba. BNP structured the transactions to help clients move money through U.S. financial institutions while avoiding detection by U.S. authorities and evading sanctions. The practices were deliberate and pervasive, involving, for example, intentionally deleting references to sanctioned countries in order to prevent the transactions from being blocked, and using non-embargoed, non-U.S. “satellite banks” and complicated, multistep transfers to disguise the origin of the transactions. 

To make matters worse, U.S. authorities uncovered substantial evidence that senior executives knew what was happening and did nothing about it. In fact, in 2006, BNP issued a policy for all its subsidiaries and branches that “if a transaction is denominated in USD, financial institutions outside the United States must take American sanctions into account when processing their transac¬tions.” Then, in 2009 and 2010, when the U.S. DOJ and New York County District Attorney’s Office contacted BNP to express concern, the bank was less than cooperative in responding to requests for documents from BNP’s offices in Geneva. Overall, BNP allegedly processed 2,663 wire transfers totaling approximately $8.3 billion involving Sudan; 318 wire transfers totaling approximately $1.2 billion involving Iran; 909 wire transfers totaling approximately $700 million involving Cuba; and 7 wire transfers totaling approximately $1.5 million involving Burma. The New York Department of Financial Services places the estimates much higher, contending that a total of $190 billion of dollar-based transactions were concealed between 2002 and 2012. 

BNP potentially faced criminal, civil, and regulatory actions by various U.S. authorities involving potential penalties of about $19 billion. The $8.9 agreed-upon fine resolves all these related actions and ensures that BNP will not be subject to further prosecution for violations of U.S economic sanctions laws and regulations. While BNP may temporarily suspend payment of dividends to shareholders and may have to take steps to shore-up its capital ratio, the fine is not expected to have any long-term financial repercussions. Notably, BNP’s stock rose 3.6% the day the settlement was announced. 

But the plea agreement contains significant non-financial provisions. Specifically, BNP faces a five-year probationary period and is required to enhance it compliance policies and procedures. An independent monitor will be installed to review BNP’s compliance with the Bank Secrecy Act, Anti-Money Laundering Statute, and economic sanctions laws. In addition, BNP is banned from U.S. dollar-clearing operations through its New York Branch and other U.S. affiliates for one year for certain lines of business for certain BNP offices implicated in the conspiracy. BNP is not permitted to shuffle clients to other BNP branches or affiliates to circumvent this ban. This means that client relationships may be damaged, as clients take their business elsewhere. Furthermore, although there have not been any individual criminal prosecutions to date, 13 individuals were terminated and 32 others were disciplined as a result of the investigations and Plea Agreement. 

These measures are more likely to prompt reform, because they are implemented over a longer time period, require replacement of personnel, and change the way the business operates. They also signal to the industry what is required in this new regulatory environment. The fact that Deutsche Bank, itself a target of investigators, recently announced that it would be hiring 500 new employees in the U.S. in compliance, risk, and technology is not a coincidence. Other banks likely will follow suit. If that occurs, it may be the most positive result to come out of the BNP settlement for all investors.

Pomerantz Monitor, JULY/AUGUST 2014

Last February, General Motors decided to recall certain models due to defects in the ignition switches that can cause the engine and electrical system to shut down while the vehicle is in motion. If that happens, essential safety features such as airbags, power brakes, and pow¬er steering are all cut off. Since then, GM has recalled approximately 6 million cars due to the faulty ignition switch and nearly 29 million worldwide for a range of defects. 

Similar to the cases filed in the wake of the Toyota recalls, at least 85 lawsuits have been filed against GM seeking recovery of the declines in resale value on the recalled vehicles caused by revelation of the ignition-switch defect. With such lawsuits pending all over the country, in May a court in Chicago sent all of them to New York for consolidated pretrial proceedings. 

But many of these cases may not go forward at all. GM has claimed that economic loss cases are barred by a “discharge” order entered in its bankruptcy case in 2009 that, it argues, insulates the company from depreciation-related liability claims for automobiles sold before 2009. Plaintiffs’ lawyers claim this violates constitutional due-process rights, since GM allegedly knew about the ignition-switch problems at the time of the bankruptcy but kept them secret for years. A ruling on this issue is expected by the end of the summer. 

 GM also has to contend with its own shareholders, some of whom have sued the company and its top executives and board members. On March 21, 2014, Pomerantz filed the first and (so far) only securities class action in the Eastern District of Michigan on behalf of shareholders who purchased GM stock between November 17, 2010—the date of GM’s $20.1 billion initial public offering—and March 10, 2014. According to the complaint, GM’s misstatements and omissions about the ignition-switch defect resulted in “significant reputational and legal exposure” and caused the share price to tank “wiping out billions in shareholder value” when the true extent of the defect was disclosed. Four movants filed motions seeking appointment as lead plaintiff in the securities class action, including clients represented by Pomerantz. 

Oral argument is scheduled in August 2014.

ATTORNEY: H. ADAM PRUSSIN
POMERANTZ MONITOR, JULY/AUGUST 2014

At the end of its term in June, the Supreme Court issued two significant rulings relating to securities laws issues. 

 The main event was the decision in Halliburton, which addressed the continued viability of the “fraud on the market” presumption in securities fraud cases. Without the benefit of that presumption, most securities cases could not be certified as class actions. 

After the oral argument in Halliburton in March, we pre­dicted that the Court would not throw out the fraud on the market presumption, but would probably allow defendants to try to rebut that presumption at the class certification stage, if they could show that the fraud did not actually distort the market price of the company’s stock. Our pre­diction was right. In June, the Court issued its ruling, and now “price impact” will be a potential issue on class certification motions. If the company made significant misrepre­sentations about its business or financial results, it will be strange indeed if that had no effect on the price of its stock. 

Typically, when allegedly false statements are released by the company, they do not have any immediate effect on the stock price, because they do not deviate much from previously disclosed information. It is the bad information, which is covered up or falsified, that has the impact, and that impact can be measured when the truth finally does come out, in the so-called “corrective disclosure.” We be­lieve that defendants, in order to rebut the fraud on the market presumption, are going to have a heavy burden to prove that the corrective disclosures had no significant effect on the market price of the company’s stock, and that any price movements that did occur at that time were caused completely by market-wide fluctuations in share prices, by general market conditions, or by some other “bad news” unrelated to the fraud. 

The Court’s other decision came in Fifth Third Bancorp, which concerns the requirements for pleading a breach of fiduciary duty claim under ERISA against retirement plan trustees who continued to invest assets into stock of the employer company despite warning signs of impending catastrophe. 

Under ERISA, trustees of retirement plans have an obligation to act with prudence in investing plan assets or in making investment recommendation to plan participants. In one sense, such claims are easier to win than run of the mill securities fraud claims because there is no scienter requirement. 

But what level of knowledge actually is needed to trigger culpability for trustees? In the past, the courts gave the trustees of an employee stock ownership plan (“ESOP”) a “presumption of prudence” when they decided to invest, or continue to invest, in company stock. To overcome that presumption, they previously required that plaintiff plead, with particularity, that the trustees ignored facts showing that the company was on the brink of financial collapse. The only open question, we thought, was whether the presumption of prudence applied at the motion to dismiss stage, or only later, at trial. 

We thought wrong. To everyone’s surprise, the Court has now thrown the presumption of prudence out the window not only at the pleading stage of the case, but at every stage of the case. 

Instead, the Court set forth a new set of considerations. It held that ERISA claims cannot be based on the theory that the trustees ignored publicly available information about the company or its line of business. But where, as in most cases, the trustees (who are typically company executives) had adverse non-public information about the company, courts must balance the requirements of prudence with the laws against trading on inside information, and with the possible adverse consequences to the company if its ESOP suddenly stops buying company shares. 

In other words, it is going to take years to figure this out.