On February 21, 2018, the Supreme Court in Digital Realty Trust, Inc. v. Somers1 narrowly construed the definition of “whistleblower” in the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank” or the "Act”) and, consequently, who qualifies for the anti-retaliation protections afforded by the Act. The Court interpreted Dodd-Frank narrowly, holding that a whistleblower is entitled to the anti-retaliation protections of the Act only if he or she reports alleged securities law violations directly to the SEC. As a result, an employee is entitled to no anti-retaliation protections if he or she only reports such purported violations internally, utilizing the employer's internal compliance processes. To date, most whistleblowers have utilized their employers' internal processes rather than going directly to the SEC. While in the short term Digital Realty will likely result in a reduction in the number of employees who can claim whistleblower protection under Dodd-Frank, in the longer run the decision will likely increase the number of employees who opt to bypass their employers' internal reporting mechanisms and instead directly report what they perceive to be securities law violations to the SEC. The likely result will be an increase in the number of law enforcement investigations of alleged corporate misconduct.2
At issue in Digital Realty was the definition of “whistleblower” under Section 922 of Dodd-Frank. The Act defines “whistleblower” as any individual who provides “information relating to a violation of the securities laws to the [Securities and Exchange] Commission.”3 (bracketed insertion ours). In 2011, the SEC issued Rule 21F-2, which disregarded this definition with respect to the Act's anti-retaliation provisions—providing that an individual is a whistleblower “[f]or purposes of the anti-retaliation protections” if he or she either reports information regarding purported securities law violations to the SEC directly or reports such violations internally pursuant to the whistleblower provisions of the Sarbanes-Oxley Act of 2002 or the Securities Exchange Act of 1934.4 As such, Rule 21F-2 expanded the statutory definition of a whistleblower under Dodd-Frank to include employees who reported internally and did not report to the SEC. A circuit split soon emerged over the applicable definition of a whistleblower. The Fifth Circuit5 relied on the statutory definition to find that a whistleblower must report to the SEC in order to avail him- or herself of the anti-retaliation provisions, while the Second6 and Ninth7 Circuits deferred to the definition in SEC Rule 21F-2, holding that a whistleblower is protected if he or she discloses internally, even if he or she does not disclose to the SEC.
The Supreme Court's decision in Digital Realty arose from the defendant's appeal of the Ninth Circuit's decision, which deferred to the SEC's definition. Somers worked for Digital Realty from 2010 to 2014, and claimed that Digital Realty terminated him only after he reported potential violations of the securities laws internally to company management. Somers did not provide this information to the SEC. He subsequently brought a whistleblower retaliation claim under Dodd-Frank against Digital Realty for his termination. The company moved to dismiss the claim on the grounds that Somers did not qualify as a whistleblower under Dodd-Frank because he had not reported the alleged securities law violations to the SEC. The district court denied the motion, reasoning that the whistleblower provisions under Dodd-Frank were ambiguous and, as a result, the SEC's broader Rule 21F-2, which accorded protection to internal reports, was entitled to Chevron deference. The Ninth Circuit affirmed, concluding that adoption of the statutory definition of whistleblower, as the company urged, would narrow the anti-retaliation provisions to protect only employees that report possible violations of securities laws both internally and to the SEC, which was unlikely to occur.
The Supreme Court reversed unanimously, with two concurrences, relying on two primary grounds. First, the Court pointed to the explicit statutory language of Dodd-Frank, noting that the specific text of the statute defined a whistleblower as someone who reported to the SEC, and the statutory definition of whistleblower applied to govern the anti-retaliation provisions under the Act.8 The Court also reasoned that Congress must have intended to use a government-reporting requirement because it incorporated such a requirement into the whistleblower definition but not elsewhere in the statute. Second, the Court relied on the legislative intent, holding that the “core objective” of Dodd-Frank was “to prompt reporting to the SEC”9 Construing Dodd-Frank's definition of whistleblower strictly furthered that goal, even if it narrowed the field of eligible employees. Since Congress had directly spoken to the precise question before it, the Court saw no need to accord deference to a contrary view adopted by the SEC in Rule 21F-2.
Digital Realty is the latest in a string of Supreme Court cases that have narrowed the SEC's enforcement capabilities. In the 2013 decision Gabelli v. S.E.C.,10 the Court declined to apply the discovery rule when determining under 28 USC section 2462 when the limitations period for civil money penalties began to run. In 2017, the Court further limited the SEC's enforcement power in Kokesh v. S.E.C.,11 where it held that SEC ordered disgorgement was subject to the five-year statute of limitations under 28 USC section 2462. These decisions, in conjunction with Digital Realty, indicate that the Court does not, and will not, shy away from limiting the SEC's power when it deviates too far from the applicable statutory language or legislative intent.
While the decision in Digital Realty may undercut the SEC's enforcement program in the short term, that probably will not be the case long-term. As noted above, the majority of whistleblowers historically have reported only internally. Going forward, however, Digital Realty will incentivize employees to report directly to the SEC and bypass corporate internal compliance programs. Such compliance programs have historically provided companies with the opportunity to become aware of and internally investigate potential securities laws violations prior to an SEC investigation and prepare accordingly. They have also given companies an opportunity to implement remedial measures if necessary so that if the company decides to self-report, it can present a complete package. The decision underscores how important it is for companies to develop and maintain compliance programs to ensure conformity with the applicable securities laws and limit potential violations that can be reported. Adopting and implementing a robust compliance program can help a company adhere to legal requirements and identify issues so it can address them before they manifest into a legal liability.