On February 21, the U.S. Supreme Court issued its opinion in Digital Realty Trust, Inc. v. Somers, a long-anticipated case that clarifies who is protected as a “whistleblower” under the Dodd-Frank Act’s anti-retaliation provisions. In a unanimous decision penned by Justice Ginsburg, the Court held that the Dodd-Frank Act protects an individual only if he or she has reported a securities law violation to the U.S. Securities & Exchange Commission (SEC)—internal reports are not sufficient.
Enacted in 2010 in the wake of the financial crisis, the Dodd-Frank Act creates monetary incentives for whistleblowers to report securities law violations to the SEC. 2 It also protects whistleblowers from workplace retaliation after they report their concerns, allowing them to sue for generous remedies if prohibited retaliation does occur.3
In the text of the statute, “whistleblower” is narrowly defined to mean “any individual who provides . . . information relating to a violation of the securities laws to the Commission.” 4 However, an SEC rule promulgated in 2011 offers a broader definition—one that would also protect employees who report such concerns to their supervisor, audit committee, or other actors pursuant to the Sarbanes-Oxley Act of 2002 (SOX).5 Over the last several years, courts were left to grapple with which definition governs. District courts developed a deep split in opinion, as did the appellate courts: the Fifth Circuit held in 2013 that SEC reporting is required,6 while the Second Circuit held in 2015 that internal reporting is sufficient.7
Last year, in the case of Somers v. Digital Realty Trust, Inc., the Ninth Circuit agreed with the Second Circuit and held that internal reporting is sufficient.8 A few months later, the Supreme Court granted cert. to resolve the issue.9
The Supreme Court’s Decision
In Digital Realty Trust, Inc. v. Somers, the Supreme Court has now reversed the Ninth Circuit and explicitly held: “To sue under Dodd-Frank’s anti-retaliation provision, a person must first ‘provid[e] . . . information relating to a violation of the securities laws to the Commission.’” 10 Accordingly, plaintiff Paul Somers—an executive who was fired shortly after reporting suspected securities law violations to senior management, but not the SEC—is barred from pursuing relief under the Dodd-Frank Act because he was not a “whistleblower.”11
The Court’s analysis centered on the principle that “‘[w]hen a statute includes an explicit definition, we must follow that definition,’ even if it varies from a term’s ordinary meaning.”12 For a variety of reasons, the Court found that the Dodd-Frank Act’s definition of “whistleblower” is unambiguous, and the broader SEC definition is therefore not entitled to deference.13 First, the Court examined the statutory text and found that it “supplies an unequivocal answer” as to the definition of “whistleblower.”14 Second, the Court examined the Dodd-Frank Act’s legislative history (over objections voiced in a concurring opinion) and determined that the “core objective” of the relevant section was “‘to motivate people who know of securities law violations to tell the SEC.’” 15 The Court contrasted this with the broader aim of the SOX whistleblower regime: “to disturb the ‘corporate code of silence’ that ‘discourage[d] employees from reporting fraudulent behavior not only to the appropriate authorities, . . . but even internally.’”16 Third, the Court was unconvinced by various contentions of the plaintiff, the U.S. Solicitor General, and the Ninth Circuit that applying the statutory definition would “create obvious incongruities,” “produce anomalous results,” “vitiate much of the statute’s protection,” and narrow portions of the anti-retaliation provisions “to the point of absurdity.” 17 In other words, the Court found that its reading still left meaning to these provisions, and that meaning was consistent with the congressional purpose.
The Supreme Court has settled a years-old circuit split by giving a strict, literal reading to Dodd-Frank’s definition of “whistleblower.” In what would appear to be a major victory for this defendant, other publicly traded employers, and pro-business interests nationwide (including the U.S. Chamber of Commerce, which filed an amicus brief in support of the defendant), employees are no longer entitled to Dodd-Frank’s whistleblower protections unless they report outside of the company to the SEC.
In the bigger picture, however, this may be a hollow victory for corporate America. To qualify as a “whistleblower” under Dodd-Frank, individuals now have a clear incentive to report all sorts of observations to the SEC before reporting those observations through their company’s internal reporting infrastructure. While “approximately 80 percent of the whistleblowers who received awards in 2016 reported internally before reporting to the Commission,”18 that trend is likely to be reversed.
Moreover, even if a purported whistleblower is not protected by Dodd-Frank, he or she may still be protected by the SOX anti-retaliation provisions19 or relevant state laws. As the Supreme Court made clear in its decision, Dodd-Frank and SOX work together to protect whistleblowers whether they are dual reporters or purely internal reporters. Purely internal reporters have virtually the same remedies under SOX as they would have under Dodd-Frank with only two material differences: (1) Dodd-Frank allows employees to immediately file in federal court, whereas SOX requires employees to file a retaliation claim with the Department of Labor within 180 days and exhaust administrative remedies before going to federal court, and (2) Dodd-Frank provides for double back-pay, whereas SOX provides for single back-pay.
Now, more than ever, employees will be comfortable raising their concerns internally only if they do not fear retaliation for doing so. But as a practical matter, a company learning about suspected financial malfeasance or other securities law violation may have to assume that the SEC already knows about it.