A recent decision by the Court of Appeals for the Fourth Circuit limiting the reach of the False Claims Act demonstrates how relators who pursue cases in which the government declines to intervene can end up making law that is unfavorable to the government’s enforcement of that statute.
United States ex rel. Rostholder v. Omnicare, Inc., et al., No. 12-2431, a qui tam case alleging violations of the False Claims Act (FCA), 31 U.S.C. §§ 3729, arose from a whistleblower’s claim that defendants violated certain Food and Drug Administration (FDA) safety regulations requiring that penicillin and non-penicillin drugs be packaged in complete isolation from one another. The violation of these regulations resulted in a legal presumption of penicillin cross-contamination. The relator asserted that the contaminated drugs were not eligible for reimbursement by Medicare and Medicaid and, therefore, claims presented to the government for reimbursement of these drugs were false under the FCA.
In affirming the district court’s grant of Omnicare’s motion to dismiss, the Court of Appeals focused on the specific requirement of the FCA that there be a claim that is, indeed, false. The Court noted that the statutes providing for reimbursement require that the drug in question be approved by the FDA but these statutes do not require compliance with FDA safety regulations as a precondition for reimbursement.
The Court therefore held that, while the cross-contamination might be a violation of safety regulations, it did not transform Omnicare’s requests for reimbursement into false claims. The Court observed statements in its own earlier cases that “the correction of regulatory problems is a worthy goal, but is ‘not actionable under the FCA in the absence of actual fraudulent conduct.’” (citing Mann v. Heckler & Koch. Def., Inc., 630 F.3d 338, 346 (4th Cir. 2010)). If it were “to accept relator’s theory of liability based merely on a regulatory violation,” the Court noted, “we would sanction use of the FCA as a sweeping mechanism to promote regulatory compliance, rather than a set of statutes aimed at protecting the financial resources of the government from the consequences of fraudulent conduct.” Given the FDA’s “broad powers to enforce its own regulations,” to permit the FCA to be used in this manner “could ‘short-circuit the very remedial process the Government has established to address non-compliance with those regulations.’” (citing U.S. ex rel. Wilkins v. United Health Grp., Inc., 659 F.3d 295, 310 3d Cir. 2011)).
Based on these principles, the Court of Appeals found that the relator had failed adequately to allege the existence of a false statute or fraudulent conduct, and that he could not plausibly allege that Omnicare acted with the requisite scienter when submitting the claims in question to the government.
This Court of Appeals decision could offer support for companies in highly regulated industries that face qui tam cases under the False Claims Act that arise from violations of safety regulations. In industries such as pharmaceutical manufacturing and packaging in which payment reimbursements are not expressly tied to compliance with safety rules, those companies may face regulatory enforcement for those violations, but will not also face assertions that they have also violated the False Claims Act.
Jeff Ifrah Presents on the Future of Online Gaming at J.P. Morgan Global High Yield & Leveraged Finance Conference
Yesterday, at the annual J. P. Morgan Global High Yield & Leveraged Finance Conference in Miami Beach, Florida, Ifrah Law Founding Member Jeff Ifrah shared his predictions for the growing online gaming industry in the U.S. and in Europe. Susan Berliner, an analyst with J.P. Morgan who covers gaming and lodging, moderated the panel, which also included Marc Falcone, CFO of Fertitta Entertainment/Station Casinos, and Eamonn Toland, President of Paddy Power. The panelists addressed the potential for online gaming’s additional expansion in the states as well as payment and logistical issues.
J.P. Morgan’s conference attracted a crowd of over 1,000 CEOs, CFOs and other C-Suite executives from high-growth companies across an array of industries, including gaming, entertainment, energy, and transportation and institutional investors. Questions from attendees at Tuesday’s panel indicated that investors were most interested in the rollout of online gaming in the three states that presently permit it: Delaware, Nevada, and New Jersey.
Ifrah noted that one study predicts online gaming revenues in the U.S. to reach approximately $670 million. According to Ifrah, how online gaming grows depends on what the states do to permit gaming and their licensing processes and what other states come online in the near future. Ifrah shared that just a couple hours before, Delaware and Nevada announced an historic agreement to pool their liquidity to increase their prize pool, allowing poker players in those states (and any other states which may subsequently sign on to the agreement) to play online poker offered by operators in either state, and to play against players in the other state. Governor Sandoval of Nevada and Governor Markell of Delaware met in Wilmington yesterday to announce this exciting development. The State of Delaware, an Ifrah Law client, launched online gaming in November.
Marc Falone of Station Casinos observed that run rate revenues for online gaming are estimated at $150 million in 2014. While online gaming is still in the early stages, it has the potential to be a much larger business with significant long-term growth potential. Falcone pointed out five challenges to online gaming growth, about which the panel generally agreed:
* General awareness – many consumers still do not understand that online gaming is legal in Delaware, Nevada, and New Jersey, which hinders participation and growth.
* Payments – despite online poker’s legality in the three states, Mastercard, Visa and other payment processors nevertheless decline to make deposits on online gaming sites.
* Geolocation – the states utilize geolocation technology to confirm that only residents in those states play. Many individuals have found the geolocation confirmation process unwieldy and difficult with which to interact, causing them to choose another activity. Falcone, Ifrah and the other panelists agreed geolocation technology and ease would improve over time.
* Security – in the age of high profile data breaches at Target, Neiman Marcus and elsewhere, and a reported breach on the Sands website, consumers’ interest in online gaming may be chilled. New Jersey requires a player enter a social security number. Consumers are understandably reluctant to provide that type of sensitive personal information in a website form. Industry needs to continue to work on secure procedures that will boost consumer confidence.
* Offshore gaming – licensed operators in the three states still compete with offshore gaming sites.
Eamonn Toland of Paddy Power stressed that online gaming revenues are currently as anticipated; growth takes time as consumers become more aware and some of the “wrinkles” identified above are ironed out. He sees a significant revenue growth of 28% month-to-month. As to whether online gaming “cannibalizes” land-based casinos, Toland and the other panelists concurred that the online gaming player is an entirely different demographic and they did not see the cannibalism effect. Toland believes online gaming will grow significantly as states contract with each other like Delaware and Nevada just announced.
As to other states that may authorize online gaming, Ifrah and the other panelists mentioned California, Illinois, New York, and Pennsylvania as potential markets. The panel participants cautioned that while these are exciting developments at the state level, the federal government would be monitoring online gaming operations to see if there are any significant issues, such as consumer protection issues. However, at least one panelist believes that online gaming has extensive protections – such as age verification, protections for problem gamblers – that result in fewer losses for consumers than in land-based casinos.
Last Friday, the Department of Justice (DOJ) and the Department of Treasury, Financial Crimes Enforcement Network (FinCen), both published new guidance in connection with the legalization of recreational marijuana in Colorado. Because marijuana use remains illegal under federal law, the banking industry is prohibited from servicing any marijuana-related bank accounts. This forces the recreational marijuana industry to operate on an all-cash basis, which increases public safety risks (both to retailers and to customers) and is a great inconvenience to the industry (which is required to take extreme measures such as hiring armed guards, installing very high tech security measures, and the businesses are unable to obtain bank loans or credit).
In response, FinCen’s guidance, along with the DOJ memo, was supposed to enable marijuana-related banking and eliminate the public safety concerns, as it clearly stated: “This FinCEN guidance should enhance the availability of financial services for, and the financial transparency of, marijuana-related businesses.” Although the guidance pursued an admirable goal, it fell remarkably short.
The DOJ memo states:
“The provisions of the money laundering statutes, the unlicensed money remitter statute, and the Bank Secrecy Act (BSA) remain in effect with respect to marijuana-related conduct. Financial transactions involving proceeds generated by marijuana-related conduct can form the basis for prosecution under the money laundering statutes (18 U.S.C. §§ 1956 and 1957), the unlicensed money transmitter statute (18 U.S.C. § 1960), and the BSA. … Notably for these purposes, prosecution under these offenses based on transactions involving marijuana proceeds does not require an underlying marijuana-related conviction under federal or state law.”
Simply stated, the DOJ memo confirms that recreational marijuana use remains illegal under federal law and could serve as the basis of prosecution against banks (or individuals), but that the DOJ will probably not enforce the applicable federal statutes against banks for processing marijuana-related accounts, provided that the banks follow certain guidelines that are outlined in the DOJ memo.
These wishy-washy “promises” of non-enforcement are extremely unlikely to sway banks from their decision not to permit marijuana-related accounts. Banks are naturally conservative and also have a huge self-interest to be 100% compliant with federal law because of the highly regulated banking industry; therefore, banks are only likely to permit marijuana-related accounts if it was legal under federal law, or if there were some form of safe harbor for the banks. However, there is clearly no safe harbor with the recent regulations and guidance.
For instance, the DOJ memo explicitly states: “Neither the guidance herein nor any state or local law provides a legal defense to a violation of federal law, including any civil or criminal violation of the CSA, the money laundering and unlicensed money transmitter statutes, or the BSA, including the obligation of financial institutions to conduct customer due diligence.”. The FinCen memo also repeats “that the illegal distribution and sale of marijuana is a serious crime…” Thus, although the guidance issued by DOJ and FinCen on the surface appear to be helpful, they are ultimately toothless.
Further, the ultimate decision (and the inherent risk and liability) remains with the banks, as also noted in the FinCen memo: “In general, the decision to open, close, or refuse any particular account or relationship should be made by each financial institution based on a number of factors specific to that institution.” Therefore, in the absence of any safe harbor and the illegal status of marijuana under federal law, banks will likely pursue the safe option of refusing to process marijuana-related accounts.
This scenario is quite similar to the recent aftermath in New Jersey when it legalized online gaming for intrastate users. Although New Jersey declared online gaming legal under New Jersey state law, banks generally refused and continue to refuse to process online gaming accounts. Banks deemed these accounts too risky because their internal regulations dictate that they would not process payments for accounts related to online gaming for real money when it was still prohibited in other states and would be an unwanted burden on their compliance checks. Similarly, the ultimate conclusion of banks considering marijuana-related accounts is likely to refuse to allow such accounts because they are still illegal under federal law and permitting those accounts presents an unwelcome risk for the banks.
Another significant hurdle that may cause banks to refuse marijuana-related accounts is the significant disclosure requirements applicable to the banking industry that are mandated by federal agencies like the FDIC and Federal Reserve. Banks, particularly banks that are publicly traded entities, have many filings and disclosures that they are required to make on a consistent basis. Therefore, the banks would presumably have to disclose that they are currently violating federal law by processing marijuana-related transactions and permitting marijuana-related accounts (and anticipate continuing to violate the federal laws). Regarding disclosure requirements, it should make no difference whether the DOJ presently anticipates prosecuting those crimes or how much of a priority they are in accordance with the DOJ memo – the fact remains that the bank is violating the federal law and that must be disclosed. Indeed, the DOJ could decide to prosecute these crimes at any time in the future. Furthermore, that disclosure (i.e. that they are currently violating the law) would likely trigger a host of regulatory issues that require banks to comply with all federal laws.
Yet, the banking market for marijuana-related accounts remains lucrative and underserved. The million dollar question is which bank will take the leap of faith to enter the marijuana industry?
One possibility is a Colorado bank that only has Colorado branches may be willing to permit marijuana-related accounts. Obviously, the potential reward is great because of the lucrative and underserved marijuana industry market. More importantly, the risk to Colorado banks is lower because they only operate in Colorado and can legitimately claim they are complying with all laws because Colorado state law permits recreational marijuana use, so they can be more confident that the DOJ will not prosecute them. More importantly, even if the DOJ decides to prosecute them, the state of Colorado will likely defend them and throw their weight behind the local bank, because if Colorado did not, then the whole recreational marijuana law and industry would quickly collapse.
Consequently, the risk-reward equation for a local Colorado bank is tilted more favorably toward permitting marijuana-related accounts because there is less risk to a Colorado-only bank, and the reward would be given more weight because the value of the marijuana accounts would mean much more to a smaller Colorado bank than to a larger national one. In the meantime, one would hope that the federal agencies would issue guidance that provides more clarity and real solutions to this issue, rather than just discouraging banks from this industry by issuing vague guidance.
The beginning of 2014 has brought many new laws into effect and we have written on a number of them. But few laws have received more mainstream media exposure than Colorado’s legalization of recreational marijuana. Of more importance to us, the legalization of recreational marijuana has posed some interesting problems for regulators.
The most obvious effect of the law was to allow the recreational use of marijuana, but there has also been a significant side effect: Colorado has seen an explosion of food products with marijuana additives (known as “marijuana edibles”). A big reason for the wide variety of marijuana infused products is because it is relatively simple to manufacture them. The regular food manufacturing process is used and then cannabis oil is added to the recipe, which adds THC (tetrahydrocannabinol) the main psychoactive substance in marijuana, to the food. Marijuana edibles range from candies and sweets (e.g. chai mints, truffles) to sodas to cake (e.g. cookies, brownies), and even peanut butter. These products are especially attractive to people who want to avoid the coughing and inhaling of pot smoke, or, to partake of marijuana in a place where smoking is not permitted.
We are not generally in favor of more regulation, but we do think that there is a need for more robust regulation of marijuana edibles. These are standard food products with all the associated risks (e.g. going rancid, food poisoning like salmonella). Also, THC is not particularly stable as a good additive. Yet, despite these characteristics that pose risks associated with food products, marijuana edibles are not being monitored by the experienced federal food regulators (such as the Centers for Disease Control and Prevention and the Food and Drug Administration). Moreover, Colorado Department of Public Health also cannot provide oversight because part of their funding comes from the federal government. And while Colorado’s Marijuana Enforcement Division may monitor these products, its original purpose was to regulate the medical marijuana industry and it is therefore ill equipped to regulate the entire recreational marijuana industry from the perspective of experience and resources. The Marijuana Enforcement Division has taken some significant steps to ensure marijuana edibles’ safety – such as requiring laboratory certification of edibles and implementing a tracking program that would be able to trace any food poisoning outbreaks directly back to the plant – but the absence of experienced food regulators from this process is worrisome.
Like many new laws, the legalization of recreational use of marijuana in Colorado is creating unforeseen challenges for regulators necessary to ensure the health and safety of the public. We are confident that, even in the continued absence of federal agency involvement, Colorado state authorities will find new and effective ways to meet these challenges.
A November 2013 ruling from the United States District Court in a bankruptcy case may create an obstacle for a tactic increasingly popular among federal prosecutors – the seizure of a defendant company’s domain name.
The statutes permitting civil and criminal forfeiture in U.S. District Courts – Title 18, United States Code Sections 981 and 983, respectively – both authorize seizure of “property.” In a number of prominent (and not so prominent) cases, federal prosecutors have seized a defendant company’s domain name, which may shut down the company’s operations during the pendency of the case. But it does not appear that any Court has squarely considered, in a forfeiture context, whether a domain name constitutes “property” that may be seized and forfeited.
Alexandria Surveys, LLC v. Alexandria Consulting Group, LLC, Civil Action 1:13—CV-00891, Bankr. Case No. 10-11559-BFK, was not a forfeiture case, but it may have set the table for a forfeiture defendant to argue successfully that a domain name may not be seized. In Alexandria Surveys, the District Court reviewed a ruling in the Bankrupcty Court relating to the sale of certain assets previously belonging to the debtor. In the case, the debtor argued, among other things, that the sale of the debtor’s web address and telephone numbers was improper because neither were the “property” of the bankruptcy estate, and therefore neither could be sold by the trustee.
In considering the issue, the Court noted a split in the Circuits as to whether a telephone number constitutes property of an estate. Compare Rothman v. Pacific Tel. & Telegraph Co., 453 F.2d 848, 849-50 (9th Cir. 1971) (trustee lacks right to distribute telephone number as property of the estate); Slenderalla Sys.of Berkeley, Inc. v. Pacific Tel. & Telegraph Co., 286 F.2d 488, 490 (2d Cir. 1961) (same) withDarman v. Metropolitan Alarm Corp., 528 F.2d 908, 910 n.1 (1st Cir. 1976) (permitting trustee to distribute telephone number as property of estate); In re Fontainebleau Hotel Corp., 508 F.2d 1056, 1059 (5th Cir. 1975) (same).
The Court observed that, while the Fourth Circuit Court of Appeals has not yet addressed the issue, state law determines the contours of property interests assumed by the trustee. In that regard, the Court noted the Virginia Supreme Court’s relatively recent decision in Network Solutions, Inc. v. Umbro International, Inc., 529 S.E.2d 80 (Va. 2000), in which that court specifically held, in the context of a garnishment action, that a web address and telephone number could not be garnished by a judgment creditor because the debtor lacked a property interest in them. 529 S.E.2d at 86-87.The court held that a domain name registrant acquires the contractual right to use a unique domain name for a specified period of time, and that the domain name is not property, but rather, “the product of a contract for services.” Id. Without diminishing the importance and significance of web addresses and domain names, the Alexandria Surveys court followed the holding in Network Solutions that they did not constitute “property.”
While Alexandria Surveys did not deal specifically with the law of forfeiture, the holding that domain names do not constitute property has significant implications for civil and criminal forfeiture cases. The case is not binding on other courts, but given the paucity of precedent characterizing domain names, this analysis may be viewed as instructive by courts considering claimants’ and defendants’ challenges to domain name seizures. And a shift in the law that did not permit those seizures would deprive the government of a significant piece of leverage that it now wields in many cases.
LinkedIn has filed a suit against John Does in response to a spate of “data scraping” perpetrated by unknown individuals, in violation of the website’s terms and conditions.This is the latest federal case in the Northern District of California in which a tech company seeks to enforce its contractual provisions through the criminal statute Computer Fraud and Abuse Act (CFAA).
Starting in May 2013, unidentified individuals unleashed automated software programs which bypassed LinkedIn’s security measures in order to create thousands of new member accounts. Once established, these new accounts could be used to view millions of LinkedIn member profiles. The software bots copied personal information off of those viewable pages, which contain extensive personal information. Although we can’t know exactly what the information was used for until the perpetrators are identified, these individuals could potentially use this personal information to steal members’ identities or conduct phishing or other scams.
LinkedIn has since disabled the bot-created accounts and implemented additional security measures to prevent a similar incident. The company instituted the “John Does” lawsuit in order to use the legal discovery process to serve subpoenas which may help identify the attackers. LinkedIn based its legal complaint, in part, on violations of the CFAA. But is the CFAA a sound legal basis on which LinkedIn can bring its claims?
The CFAA states that whoever “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains…information from any protected computer” violates the CFAA and commits a crime. In this case, the bots created LinkedIn member accounts in order to view other LinkedIn member accounts and gather information. According to LinkedIn, the use of bots violates the terms and conditions that each user must agree to when opening an account. Did the drafters of the CFAA intend to reach this type of conduct? If LinkedIn is right, what appears to be conduct supporting a traditional breach of contract may become fodder for a potential criminal violation.
The Ninth Circuit addressed a somewhat similar issue in United States v. Nosal, a case in which a former employee, David Nosal, convinced some of his former colleagues to help him start a business by downloading customer lists from the former employer’s computer network. Although the employees had unrestricted access to the lists, their use of the lists violated the employer’s policy prohibiting the use of work computers for non-business purposes. The Department of Justice indicted Nosal under the CFAA for aiding and abetting this action. Nosal filed a motion to dismiss, which the district court granted. On appeal to the Ninth Circuit, the government argued that the CFAA applied to the employees’ use of the customer listseven though their access to the lists was permitted.
The Ninth Circuit rejected the government’s argument, stating that “[t]he government’s interpretation would transform the CFAA from an anti-hacking statute into an expansive misappropriation statute. If Congress meant to expand the scope of criminal liability to everyone who uses a computer in violation of computer use restrictions—which may well include everyone who uses a computer—we would expect it to use language better suited to that purpose.”
Fiscal year 2013 marked the fourth consecutive year in which the Department of Justice has recovered at least $2 billion from cases involving charges of healthcare fraud. Make no mistake: these record-setting yields were no accident. The Obama Administration has prioritized busting healthcare fraudsters since it took office, and for good reason. A 2009 analysis by the AHIMA Foundation, estimated that only 3 to 10 percent of healthcare fraud was being identified. To help crackdown, Attorney General Eric Holder and Human Services Secretary Kathleen Sebelius formed the Health Care Fraud Prevention and Enforcement Action Team (HEAT) in 2009.The Government also launched www.stopmedicarefraud.org in an effort to curb ongoing fraud. From January 2009 through the end of the 2013 fiscal year, the Justice Department used the False Claims Act to recover an unprecedented $12.1 billion in federal healthcare dollars.
In this past year alone, DOJ successfully recovered $2.6 billion. More than half of that amount related to alleged false claims for drugs and medical devices under federally insurance health programs, including Medicare, Medicaid and TRICARE.
Many of the DOJ settlements involved allegations that pharmaceutical manufacturers engaged in “off-label marketing” –that is, promoting sales of their drug products for uses other than those for which the Food and Drug Administration (FDA) approved them. A notable “off label” settlement was with Abbott Laboratories, which paid $1.5 billion to resolve allegations that it illegally promoted the drug Depakote to treat agitation and aggression in elderly dementia patients and schizophrenia – neither of which was the use for which the FDA had approved the drug as safe and effective. Abbott’s settlement included $575 million in federal civil recoveries, $225 million in state civil recoveries and nearly $700 million in criminal fines and forfeitures. DOJ also reached a settlement in 2013 with biotech giant Amgen, Inc., which paid $762 million (including $598.5 million in False Claims Act recoveries) over allegations that included promotion of Aranesp, approved to treat anemia, in doses and for purposes not approved by the FDA.
DOJ settlements in the past year also addressed allegations of the manufacture and distribution of adulterated drugs. For example, in May, Ranbaxy USA Inc. paid $505 million, including $237 million in federal civil claims, $118 million in state civil claims and $150 million in criminal fines and forfeitures, due to adulterated drugs from its facilities in India.
Kickbacks were the subject of other DOJ enforcement in 2013. DOJ obtained a $237 million judgment against Tuomey Healthcare System Inc. after a four week trial. Tuomey was accused of violations\ the Stark Law (which prohibits hospitals from submitting Medicare claims for patientsreferredto the hospital by physicians with a prohibited financial relationship with the hospital) and the False Claims act. Tuomey’s appeal is pending; if upheld, the judgment will be the largest in the history of the Stark Law. DOJ’s $26.3 million settlement with Florida dermatologist Steven J. Wasserman M.D., arising from allegations of illegal kickbacks from a pathology lab, was one of the largest with an individual in the history of the False Claims Act.
DOJ Civil Division’s Consumer Protection Branch was likewise active during 2013, obtaining 16 criminal convictions and more than $1.3 billion in criminal fines, forfeitures and disgorgement under the Federal Food, Drug and Cosmetic Act.
These numbers make clear that DOJ continues to view healthcare fraud as a priority. Providers and others who operate in this highly regulated space ignore this law enforcement focus at their peril in 2014.
The media coverage of this week’s announcement that federal prosecutors have charged former Virginia Governor Robert F. McDonnell and his wife, Maureen, with illegally accepting gifts from a wealthy Richmond area businessman have largely focused on what the Commonwealth’s first family may have given in return. To be sure, the question of whether and how these gifts corrupted the state government is an important one, and the effect on a man once considered a potential 2016 Presidential candidate is a significant political story.
But the story of how the allegations against Governor McDonnell first surfaced is also a cautionary tale about the vulnerabilities that can lead prosecutors to the evidence they need to bring down rich and powerful people. During his tenure at the Virginia gubernatorial mansion, chef Todd Schneider kept records and photographs of a variety of things he viewed as suspicious. When Schneider was accused of wrongdoing involving his outside catering company’s relationship with the state – allegations that proved to be unfounded – Schneider revealed to prosecutors all of the documents and photographs he had that suggested corruption on the part of the Governor and his family. The indictments announced this week are the product, at least in part, of that treasure trove of carefully preserved incriminating evidence.
The defense in this case will likely be that gifts were accepted but no favors were granted in exchange, and that may be a winning strategy but there is also a lesson here. Corporate officers and public officials need to understand that, when they engage in behavior that comes close to crossing the line between proper and improper, their acts need to be explained and not kept private. They also need to understand that leaders are often judged by and held to a higher standard of conduct. From the mail room on up, employees expect the most from their leaders. Anything less than that may look suspicious and can literally turn into a federal case.
This saga is by no means the first in which a lowly employee who is discharged or accused of wrongdoing becomes a whistleblower that leads to headline-grabbing criminal charges against a company or a political figure. But it is a good reminder that those who cut corners or even commit crimes in organizations are vulnerable to the evidence collected by others in that organization.
As followers of trends in e-commerce, our firm takes a keen interest in new e-payment methods. Last year, we predicted the Bitcoin would emerge as an innovative mode of currency for online transactions. When Bitcoin – an alternative virtual currency – first appeared in the mainstream media, it was largely portrayed as a wonky, nerdy counterculture experiment in decentralized wiki-currency. Reports explained that it was based on digital cryptography, but few if any people actually understood the math and even fewer could explain it in language that was comprehensible to most of us. But things have changed, and it is a whole new Bitcoin world.
Recent reports actually treat Bitcoin like a part of the mainstream economy. Government officials testifying on Capital Hill warn legislators not to underestimate the value that Bitcoin brings to the economy. Even leaving aside the federal shutdowns of illicit sites like Silk Road (an eBay-like marketplace for illegal drugs), ever-growing numbers of businesses are accepting Bitcoin as payment. Online market Overstock.com and social gaming site Zynga.com have both indicated their intent to accept Bitcoin. The owner of the Sacramento Kings has announced that fans will soon be able to buy tickets and hot dogs using Bitcoin. And it even appears that it will be possible to make political contributions using Bitcoin – doubling down on the whole issue of transparency versus anonymity in campaign contributions.
So if your organization considers using or accepting Bitcoin, there are some significant considerations:
1. The value of Bitcoin is extremely volatile.
Individuals can exchange national (fiat) currencies for Bitcoin through a variety of exchanges that have popped up in response to the demand for such services. The prices on these exchanges vary considerably among themselves at any particular time, and the price of Bitcoin has fluctuated wildly over the course of the past year. One Bitcoin was worth about $13 a year ago (in January 2013); in November 2013, the price surged over $1000 per Bitcoin. For a period of time, people in China were reportedly using Bitcoin as a means to avoid currency restrictions in that country; when China issued a ban on Bitcoin, the price swooned, although it later recovered much of that value.
The volatility of Bitcoin obviously poses challenges for businesses that accept them. Some address the issue by setting prices in national (fiat) currencies, accepting payments in Bitcoin but exchanging them on a regular basis. Other businesses have proposed engaging in sophisticated hedging transactions to address this risk.
2. Bitcoin has regulatory uncertainty.
To even talk about regulations and Bitcoin feels like it cuts against the entire vibe of this alternative currency, but there is little doubt that it is coming. The Financial Crimes Enforcement Network (FINCEN) has stated unequivocally that Bitcoin exchanges (which exchange Bitcoin for fiat currencies) and most Bitcoin “miners” (which process Bitcoin transactions) must register as Money Services Businesses (MSBs) under Department of the Treasury regulations. And legislators in the U.S. Congress are unquestionably considering what regulations can and should be imposed on the currency in order to safeguard against abuses without extinguishing the innovation to which it is so closely tied.
3. Bitcoin is anonymous – sort of.
When Bitcoin first emerged in the public eye, it was ballyhooed – and demonized – because of its supposed anonymity. The belief that its users could indeed remain anonymous gave rise to marketplaces for drugs and murders for hire paid in Bitcoin. The rub is that Bitcoin is not entirely anonymous: The digital framework of the currency is that each transaction is recorded in the cryptography itself (preventing fraud such as spending the same Bitcoin twice), and it is possible in some cases to use that information to find one’s way back to a Bitcoin user. The combination of a belief in anonymity and the ability of law enforcement to identify users obviously poses risks related to anti-money laundering obligations of which businesses must be aware.
4. Bitcoin still has security issues.
The last, but possibly most serious, consideration about accepting Bitcoin is lingering questions about security. Bitcoin are balances (credits) assigned to “addresses” (random strings of letters and numbers) that are publicly available. To spend the balance associated with a particular “address,” a user must have the corresponding “private key” (a slightly longer random string of letters and numbers) and apply a digital signature that allows some portion of that balance to be transferred to another address. Thus, the security of Bitcoin relies entirely on the security of “private keys”: Anyone who gains access to a private key gains access to the Bitcoin balance associated with that key. Given the recent headlines about data security breaches, it is not hard to understand why there might be concerns about accepting a virtual currency that can be purloined simply by stealing digital data from a computer.
The likelihood is that it is simply too early to judge whether Bitcoin is simply a fad or a harbinger of a sea change in our notion of what constitutes money and currency in a global digital world. Businesses who are early adopters may garner significant gains – or they may get burnt by early “learning experiences.” Inside counsel are wise to advise their clients about the risks and benefits of Bitcoin so that business leaders may make wise choices about the decision to accept them.
A Massachusetts man, whose ex-girlfriend had a restraining order out against him, was recently arrested for sending her an invitation to join Google+. This unfortunate drama sheds light on the disparate impact of ordinary things.
According to the Salem News, after receiving a Google+ invitation, Tom Gagnon’s ex-girlfriend went to the police station with a copy of the invitation and the restraining order in hand. The police agreed that the invitation violated the terms of the restraining order; certain Massachusetts orders require that the defendant “refrain from contacting the plaintiff, unless authorized by the court.”The police obtained an arrest warrant, and Gagnon was arrested at his home roughly 90 minutes later.
In court, Gagnon’s counsel argued that the charges were “absolutely unfounded,” asserting that Gagnon had no idea how his ex-girlfriend received the invitation. Judge Brennan, of the Salem District Court,said that he didn’t know how the invitations work either. He set bail at $500, released Gagnon, and ordered him to comply with the terms of the restraining order. A status hearing is set for February 6.
The defendant’s argument is simple: he didn’t send the invitation; Google sent it “automatically” without his (express) consent; and he should not be held criminally liable for Google’s unauthorized actions on his behalf. The Court’s Model Jury Instructions on violations of such restraining orders indicate that Gagnonwill likely prevail – if he can show that the invitation was the accidental, incidental, or inadvertent result of an automated message from Google+. If, on the other hand, the government shows that Gagnon intentionally sent the invitation, he may be found guilty.
Separate from how this plays out in Salem District Court, this incident highlights very important issues for criminal defendants and social media companies more broadly.
For criminal defendants and others under court supervision, Gagnon’s experienceoffers a (relatively obvious) teachable moment: make sure you understand your account settings to ensure that you do not inadvertently land yourself in jail. Post-arrest exoneration is good, avoiding jail in the first place is arguably better.
For the social media companies themselves, the issues are knottier and the lessons more nuanced. Perhaps there is a fundamental disconnect between Google’s machinations of complete interconnectedness and their appreciation for how that could negatively affect users’ real lives. Indeed, persons under court supervision are marginalized, silenced, and regulated in ways that the “average” American never encounters. As a result, companies large and small may (inadvertently) fail to consider how seemingly innocuous product features might affect those customers’ lives.
The line between corporate and personal responsibilities is subjective, broad and hazy. Social media companies have a lot to consider when rolling out new technology, and they can’t think of every possible eventuality. But maybe, just maybe,this worst-case-scenario come to life will make them reconsider those default settings…