From: Bloomberg
Is Cyber-Insider Trading Illegal?
Also governance, bad-actor waivers, crypto-kidnapping and flamethrower returns.
by Matt Levine
***
But here are a blog post and related a paper — “Informed Trading and Cybersecurity Breaches,” by Joshua Mitts and Eric Talley of Columbia — discussing a different approach, which is that you could just trade on the fact that you could hack into the computers. Then you can disclose the hack and hope that the company’s stock will go down. Cybersecurity breaches tend to be bad news. This approach is … look, I have my doubts about how lucrative it is; cybersecurity breaches tend not to be such bad news … but it has the advantage of not being blatantly illegal. Of being legal? I mean, that is not legal advice, but here are Mitts and Talley:
Under current securities law, however, several instantiations of informed cyber-trading would likely be permissible. To be sure, it is almost certainly unlawful for parties to conspire to steal proprietary information from a firm, or to spread false information about a cybersecurity risk in order to manipulate stock prices. That said, if such parties were simply to use publicly available investigatory tools to discover, trade upon, and then expose bona fide cybersecurity vulnerabilities (as Muddy Waters and MedSec were alleged to have done), they would face little scrutiny under current law. They would not run afoul of received insider trading theories, which generally require the breach of a confidential or fiduciary relationship.
Leave a Reply