Davis Polk Discusses Target’s Cyber Breach Settlement

On May 23, Target Corp. reached a record $18.5 million settlement with 47 states and the District of Columbia to end investigations into Target’s data breach in 2013.  The settlement highlights the growing list of specific measures that companies are expected to have in place to mitigate the risk of cyber breaches.

In 2015, Target reached a class action settlement with consumers that required the company to implement certain measures to protect customer information. In re Target Corporation Customer Data Security Breach Litigation No. 14-2522 (D. Minn. Mar. 18, 2015).  Comparing the measures that were required in the 2015 settlement … Read more

Davis Polk discusses Appellate Reversal of $1.3 Billion Penalty Against Countrywide, Based on Appellate Finding of Lack of Intent

On May 23, 2016, the United States Court of Appeals for the Second Circuit reversed a $1.3 billion civil penalty imposed against Countrywide Home Loans, Inc., Bank of America, N.A., and related defendants (collectively, “Countrywide”) under the Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (“FIRREA”).[1]  Although the decision rebuffed the government’s case against Countrywide, it did not address the government’s novel interpretation that FIRREA permits civil penalties against financial institutions whose criminal conduct is “self-affecting.”  FIRREA permits civil penalties against a defendant if it commits certain unlawful acts “affecting a federally insured financial institution.”[2]  Over a … Read more