Business Law

Data Breach and Business Judgment

Quang Trang, MJLST Staffer

Data breaches are a threat to major corporations. Corporations such as Target Co. and Wyndham Worldwide Co. have been victim of mass data breaches. The damage caused by such breaches have led to derivative lawsuits being filed by shareholders to hold board of directors responsible.

In Palkon v. Holmes, 2014 WL 5341880 (D. N.J. 2014), Wyndham Worldwide Co. shareholder Dennis Palkon filed a lawsuit against the company’s board of directors. The judge granted the board’s motion to dismiss partially because of the Business Judgment Rule. The business judgement rule governs when boards refuse shareholder demands. The principle of the business judgment rule is that “courts presume that the board refused the demand on an informed basis, in good faith and in honest belief that the action taken was in the best interest of the company.” Id. The shareholder who brings the derivative suit has the burden to rebut the presumption that the board acted in good faith or that the board did not base its decision on reasonable investigation.

Cyber security is a developing area. People are still unsure how prevalent the problem is and how damaging it is. It is difficult to determine what a board needs to do with such ambiguous information. In a time when there is no set corporate cyber security standards, it is difficult for a shareholder to show bad faith or lack of reasonable investigation. Until clear standards and procedures for cyber security are widely adopted, derivative suits over data breaches will likely be dismissed such as in Palkon.


Marijuana Industry Continues to Search for Banking Solution

Neal Rasmussen, MJLST Managing Editor

While the legal marijuana industry continues to rapidly expand in the United States, a major question still looms: Where should the millions of dollars generated by the industry be placed? Up to this point the nation’s banks have refused to take money for fear of federal repercussions. The lack of banking is one of the biggest problems the industry currently has and creates a dangerous all cash environment. While it continues to be an industry dominated by cash vaults and armed guards, change could soon be on the way.

While the provisions of the unlicensed money remitter statute, 18 U.S.C. § 1960, the money laundering statutes, 18 U.S.C. §§ 1956, 1957, and the Bank Secrecy Act (BSA) still remain in effect with respect to marijuana-related business, the marijuana industry had hoped to take advantage of the new rules issued by the U.S. Treasury Department in 2014 which “clarifie[d] how financial institutions can provide services to marijuana-related businesses consistent with their BSA obligations, and aligns the information provided by financial institutions in BSA reports with federal and state law enforcement priorities.” In addition to the new rules, the Justice Department produced a memorandum calling for relaxed enforcement of the relevant federal banking laws so long as they followed the new rules. However, the most recent attempt by a Colorado state-chartered credit union, The Fourth Corner Credit Union, to take advantage of the new rules and memorandum has faced major opposition from the Federal Reserve Bank, who must provide clearance before the credit union can open.

The Federal Reserve Bank refused to grant the permission need to access the national banking system and The Fourth Corner Credit Union has sued in Federal Court demanding equal access to the federal system. While it remains unclear whether the presiding judge, R. Brooke Jackson, will hear the complaint, most view The Fourth Corner Credit Union as fighting a losing battle. Most believe that entering the federal banking system will be nearly impossible until marijuana becomes legal at the federal level. For now it will remain unclear as to where the industry should place its money.