WASHINGTON - Securities and Exchange Commission top cop Andrew Ceresney and a Justice Department official warned legislators on Wednesday that a bill to update the Electronic Communication Privacy Act of 1986 could hurt their enforcement programs.
Ceresney and Elana Tyrangiel, the principal deputy assistant attorney general, issued their warnings at the first of two panels during a Senate Judiciary Committee hearing on the bill. And securities law experts said municipal bond enforcement cases would certainly be hurt.
The pending bill to update the ECPA "poses significant risks to the American public by impeding the ability of the SEC and other civil law enforcement agencies to investigate and uncover financial fraud and other unlawful conduct," Ceresney told committee members.
The bill would require government entities to get a criminal warrant before trying to obtain emails and other electronic communications from internet service providers. The SEC is a civil law enforcement agency and cannot obtain criminal warrants, rendering it incapable of using ISPs to get information, Ceresney said.
The SEC uses an administrative subpoena to compel individuals to disclose their emails and other communications to the commission as a first step in its investigation. However, the individuals do not always respond or fully comply with the subpoena and delete emails or withhold some of the communications. When that happens, Ceresney said the SEC needs to get evidence from ISPs.
"Depriving the SEC of authority to obtain email content from an ISP would also incentivize subpoena recipients to be less forthcoming in responding to investigatory requests because an individual who knows that the SEC lacks the authority to obtain his emails may thus feel free to destroy or not produce them," Ceresney said.
Tyrangiel similarly said the DOJ is concerned about obtaining a criminal warrant, which would leave civil investigators in the department who deal with antitrust and certain other cases, unable to obtain information.
Congress first passed the ECPA in 1986 and the recent bill to update it, S. 356, has 22 cosponsors in the Senate and nearly 300 cosponsors in the House, the bill's co-author Sen. Patrick Leahy, D-Vt., said during the hearing. He added that civil agencies have not been able to obtain emails without a warrant since appeals court judges in the case, United States v. Warshak, ruled in 2010 that it is unconstitutional for the government to obtain emails without a warrant.
Civil agencies "must abide by the same constitutional constraints that apply to everyone else," Leahy said, adding the proposed update "would not alter that status quo."
Ceresney suggested the Judiciary Committee consider changing the bill to require civil law enforcement agencies to "seek electronic communications directly from a subscriber before seeking them from an ISP." If that does not work, the agency would notify the ISP customer that the agency will be requesting the information from the ISP and give the individual the chance to raise any concerns with a court in a judicial proceeding. That solution would offer subscribers more protection than a criminal warrant, where subscribers do not get an opportunity to be heard before the communications are provided, and would also allow the agencies to still seek information from ISPs, he said.
Emails have proved to be important resources in a number of past municipal enforcement cases, according to several muni securities law experts.
Paul Maco, a partner at Bracewell & Giuliani, said they are "a foundational element of any enforcement case."
Elaine Greenberg, a partner with Orrick, Herrington and Sutcliffe and former chief of the SEC enforcement division's municipal securities and public pensions unit, agreed, saying a criminal warrant would "definitely hamstring the SEC."
The SEC "would be limited in [its] ability to gather what could be very relevant evidence particularly with regard to an individual's state of mind," which is used to prove negligence or intentional violations of securities law, she said.
The SEC muni enforcement division used emails in a 2014 case to prove Harvey, Ill. and its former comptroller Joseph Letke, created a scheme to misuse bond-related proceeds and make misrepresentations to investors. The complaint cited a February 2009 email that informed Letke of the city's poor financial situation while the city was diverting bond proceeds away from their intended purposes. Letke was eventually fined and barred from future municipal bond offerings for materially misleading investors. Harvey settled with the SEC.
The division also used emails as evidence in a case against Miami and its former budget director Michael Boudreaux, as well as one in which two former JPMorgan managing directors arranged payments to friends of Jefferson County, Ala. public officials so that the broker-dealer and its affiliated commercial bank could obtain $5 billion in county bond underwriting and interest rate swap agreement business. That case is still ongoing.
The SEC charged Boudreaux used an email to transfer $3.1 million to Miami's general fund from a special revenue fund legally restricted to expenditures relating to specific city economic development and planning purposes. That case is also still ongoing. In the Jefferson County case, Charles LeCroy and Douglas MacFaddin used emails to solicit business from county officials and employees, as well as private law firms, investment banks, and broker-dealers located in the county.