The proper handling, management and protection of confidential
information continues to be a major risk management issue facing
companies, their executives, employees, and the boards that oversee
them. (See our previous post
Risk Management in a Digital World – Addressing
Cyber-Security Threats at the Board Level, dated January 9,
2015). Recently, the Securities and Exchange Commission (the
"SEC") commenced a civil complaint against over 30 individuals
and firms from around the world that are alleged to have stolen
150,000 confidential press releases of publicly-traded companies
from several newswires services' computer systems. At the time
the press releases were stolen they had not yet been released to
the public. At least one of the hacked newswire services is based
in Toronto. Criminal charges, including various fraud and
conspiracy charges have been brought by US Federal Prosecutors in
New York and New Jersey against several of the individuals
alleged to have been involved with the scheme.
The confidential press releases, allegedly stolen by Ukrainian
hackers were shared with traders in the United States and Europe,
who traded on the non-public information and in turn made profits
of over $100 million over a five year period.
Additional Complexity in the Detection and Enforcement of
This recent case highlights the increasing complexity facing
securities regulators in their efforts to combat insider trading.
As we have previously discussed in
earlier blog posts, prosecutions of more traditional forms of
insider trading have proven challenging for regulators in Canada
and in the United States. The risks and dangers presented by
cybercrime both at a local and global level add additional
challenges that will have to be met by securities regulators in
their enforcement of insider trading and other securities laws,
particularly given the untraditional source of the information
alleged to have been misused in these instances. Securities
regulators will have to work with corporations, newswire services,
and those charged with the safeguarding of confidential
information, in remaining vigilant in the prevention and detection
of securities related cybercrimes.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Potential damages of up to $1 million per day may be imposed. I refer to the blog by Aaron Baer "Are You Compliant With Canada's Anti-Spam Law? If Not, Expect Lawsuits Starting on July 1 of This Year."
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).