InfoBytes Blog
9th Circuit partially reverses lower court’s ruling based on tech company's misleading statements
On June 16, the U.S. Court of Appeals for the Ninth Circuit partially revived a securities fraud action brought by the state of Rhode Island on behalf of its employees’ retirement system against a California-based technology company, its holding company, and several individuals (collectively, “defendants”), reversing a district court’s dismissal. In 2018, investors sued the defendants after the technology company discovered a security glitch that same year on its now-defunct social network site that exposed hundreds of thousands of users’ private data. The suits were consolidated, with the state of Rhode Island as lead plaintiff, alleging the defendants deceived investors and caused the company’s shares to be traded at artificially inflated prices between the discovery of the software glitch and its disclosure. According to the plaintiffs, the defendants omitted material facts on Form 10-Qs filed with the SEC in 2018 by including statements such as “[t]here have been no material changes to our risk factors since our Annual Report on Form 10-K for the year ended December 31, 2017.” The defendants moved to dismiss for failure to state a claim, which the district court granted, stating, among other things, that the plaintiffs failed to adequately allege “falsity, materiality, and scienter” in statements made by the defendants in their April 2018 and July 2018 10-Qs.
On appeal, the 9th Circuit reviewed the challenged statements, concluded that two statements made by the parent company in its 10-Qs were materially misleading or had omitted facts regarding the software issues, and vacated the dismissal of the plaintiffs’ falsity, materiality, and scienter claims. The appellate court also found that the defendants’ claim that the software problem had been patched by the time the challenged statements were made in their 10-Qs was not enough. “Given that [the company’s] business model is based on trust, the material implications of a bug that improperly exposed user data for three years were not eliminated merely by plugging the hole in [the social network site’s] security,” the appellate court wrote, further concluding that “[t]he market reaction, increased regulatory and governmental scrutiny, both in the United States and abroad, and media coverage alleged by the complaint to have occurred after disclosure all support the materiality of the misleading omission.” The 9th Circuit also referenced a so-called “Privacy Bug Memo” that was supposedly circulated among some of the defendants’ leadership team, which warned that disclosing these security issues “would likely trigger ‘immediate regulatory interest’ and result in the defendants ‘coming into the spotlight[.]’”
Concerning the remaining 10-Q statements identified in the complaint, the 9th Circuit affirmed the district court’s dismissal of claims based on these statements after concluding that the plaintiffs did not plausibly allege that they were “misleading material misrepresentations.”