Your (non)public data is showing.


Insider trading, though the iconic vision of Wall Street fraud and the subject of many dramatic trials and movies, is not expressly proscribed by any law or regulation in the United States.

“Section 10(b) of the 1934 Act, 15 U.S.C. § 78j(b), prohibits the use ‘in connection with the purchase or sale of any security . . . [of] any manipulative or deceptive device or contrivance in contravention of such rules and regulations as the Commission may prescribe . . . .’[1]

Designed as “catch‐all[s] for financial fraud,”[2] Section 10(b) and its accompanying Rule 10b-5 were applied by the courts to insider trading along two parallel lines of reasoning. Under the classical theory, “a corporate insider (such as an officer or director) violates Section 10(b) … by trading in the corporation’s securities on the basis of material, nonpublic information about the corporation,” in violation of a duty arising from her “relationship of trust and confidence.”[3] Under the “misappropriation” theory, liability may attach because the “misappropriator engages in deception by pretending loyalty to the principal while secretly converting the principal’s information for personal gain.”[4] Early in its insider trading jurisprudence, the courts also expanded liability in tipper/tippee scenarios, in which an insider shares material non-public information with an outsider for some direct or indirect personal gain.[5]

An Identity Crisis

Recently, however, insider trading has undergone something of an identity crisis. Last December, the Second Circuit reversed the high profile convictions of hedge fund managers Todd Newman and Anthony Chiasson. The court’s decision rested, in part, on the grounds that this and other recent cases, misapplied the precedent, and failed to demonstrate a sufficient “personal gain” for the tipper, and the tippee’s knowledge thereof.[6] The decision was relatively groundbreaking for setting a higher standard for establishing the substance and nature of the personal gain.[7]

Perhaps as a result of the increased attention on insider trading, members of Congress from both houses have recently begun to present ideas for actually codifying the definition of the practice.[8] The bills span the spectrum of stringency, but commentators seem most concerned about how the proposals treat the questions of acquisition of information, duties to its sources, the benefits accrued from the information, and appropriate penalties.[9]

But what is “nonpublic”?

These discussions, however, have mostly ignored the equally important question of the definition of “nonpublic” (or “inside” as one bills names it)[10] information. Technological advances and investigatory strategies have transformed “public” access to material information. As legislators and regulators debate the types of duties that must be violated to produce liability, they should, perhaps, be more concerned with what type of information can even reasonably be considered nonpublic.

The financial industry first put computers to use in market making operations to automate trade clearing and at quant shops to digest filings and reported financial information en masse. As the data economy has expanded, investors have increasingly grown to appreciate the value of the information being produced on a daily basis for primarily non-financial purposes by the public companies they follow.

Investors have sought information edges to guide their trading since the invention of markets. Though now a common tradition,[11] innovative funds began sending young analysts to walk through corn rows decades ago to judge the quality of incoming harvests and predict the direction of agriculture futures. In today’s world, however, analysis of farm yields can be performed via satellite surveillance without muddying the loafers of a single junior analyst.[12] Scans from the sky can also monitor car traffic at big box retailers to predict in-store sales for companies like Wal-Mart or Target.[13] Tashtego[14] is at least the second hedge fund to trawl data from social media (Twitter in particular) to try and predict customer and investor sentiment.[15] Somewhat more comical and unseemly efforts include spying on corporate jet passengers to guess at the activities and dealings of corporate executives.[16]

Capital One

On January 21, 2015, the SEC filed a complaint in the Eastern District of Pennsylvania against Bonan Huang and Nan Huang, two former employees of Capital One, for insider trading violations.[17] According to the complaint, the defendants misappropriated “material nonpublic information” by trawling the transactions database of Capital One credit card holders to gather sales data for numerous publicly traded consumer retail companies.[18] The defendants then allegedly used that data to place massive options bets ahead of corporate earnings announcements, making over $2.8 million in trading profits in three years, a return of approximately 1,819%.[19]

In its complaint, the SEC lays out a relatively clear case under the misappropriation theory of insider trading. The employees had a duty, established by published corporate policies and employee contracts, to not misuse either Capital One’s computing assets or its operations data for any non-business purposes, and were explicitly proscribed from trading on the basis of material nonpublic information obtained during their employment.[20] They conducted unapproved searches of the database to acquire the information they had no right to otherwise collect.[21] They traded on the information for personal gain.[22] The materiality of the information, if not inherently obvious, was confirmed by the consistent and substantial profits earned by the defendants.[23]

Somewhat glossed over in the complaint, however, is any discussion explaining why the data qualifies as “nonpublic.” The behavior of the two employees certainly feels illicit, and the SEC apparently believes that it goes without saying that internal operational data of a credit card company is nonpublic. Matt Levine at Bloomberg wrote about this issue, but falling prey to the common bias, focused on the question of duty:

Here, Bonan Huang and Nan Huang allegedly got the information from their employer, Capital One, which was supposed to have exclusive use of the — hey, wait a minute, does that mean that Capital One was allowed to trade on this data for its own profit? Wouldn’t that be amazing? Surely the answer is no: I assume that Capital One signed agreements with retailers (or rather, with Visa and MasterCard, which signed agreements with retailers) in which it promised not to disclose transaction data, or use it for nefarious purposes.[24]

Levine asked the key question, in footnote 7: “If that assumption is wrong, then why isn’t Capital One licensing this database to hedge funds for vast piles of money?” The fact is, while this author is not sure if Capital One sells its data, other credit card companies and financial services providers most certainly do.

MasterCard Advisors analyzes MasterCard transaction data to sell macro-economic reports that track “month-over-month… [and] year-over-year changes, regional breakouts, [and] other industry-level breakouts.”[25] ITG Investment Research touts that its “proprietary data consists of a daily extended consumer transaction panel of over 3 million users and anonymized transaction level data from over 4 million accounts,”[26] with merchant level detail. Hedge funds are increasingly focused on data-centric investing strategies that target exactly these types of assets.[27] These trends flip Levine’s question on its head. If none of this is insider trading, then what actions by Capital One would have been needed to qualify the data as “public?” Did they just need to sell it to a few financial analysts?[28] Did they simply need to secure the requisite releases from the merchants to monetize the data?

Snooping Strategies

The question of what qualifies as nonpublic information will only grow in importance as these type of “snooping”[29] strategies proliferate. Aside from its transactions panel, ITG IR’s predecessor, Majestic Research, historically also relied on bots that trawled publicly accessible portions of websites (including its source code) to track pricing trends or available inventory, and decoded bookings confirmation numbers of online retailers to estimate quarterly sales. Fanboys and investors alike have for years been opening phones and tablets and decrypting the serial numbers on various components to predict sales and new product plans of major tech companies.[30]

Aside from being ripe for producing typical law school hypotheticals,[31] this question ought to remain at the forefront for judges deciding novel insider trading cases and among legislators discussing potential codifications of the law.  In a legal regime where data theft between parties without any duties to each other or misrepresentations of loyalty suffices to produce liability for insider trading,[32] how unfair and deceptive does a “snooping” strategy need to be before it crosses the line into illegality?

As Levine correctly noted in his discussion of the Capital One case, while most insider trading feels unfair because the trader makes money without doing any work, the Capital One employees put in hours and hours of work searching their transactions database and converting that raw information into usable trading models.[33] One of the main justifications for banning insider trading is to incentivize financial participants to conduct research, compete for information edges, and thereby organically increase price efficiency. Are those incentives actually destroyed when the buy side has the ability to know with a high degree of certainty the exact sales results of a target company before the raw information is available to the public? Or does it make sense to let retail and smaller investors give up completely on investing in individual securities, while the battle for the informational advantage wages on among the most sophisticated players?


[1] United States v. Newman, 773 F.3d 438 (2d Cir. 2014)

[2] United States v. Newman, 773 F.3d 438 (2d Cir. 2014)

[3] United States v. Newman, 773 F.3d 438 (2d Cir. 2014) (citing Chiarella v. United States, 445 U.S. 222 (1980); internal quotations omitted)

[4] United States v. Newman, 773 F.3d 438 (2d Cir. 2014) (citing United States v. O’Hagan, 521 U.S. 642 (1997)).

[5] United States v. Newman, 773 F.3d 438 (2d Cir. 2014) (citing Dirks v. S.E.C., 463 U.S. 646 (1983))



[8] “Congressman Stephen F. Lynch (D-MA) recently introduced H.R. 1173, the Ban Insider Trading Act of 2015.  This legislation would establish a clear-cut insider trading statute that makes it a federal crime to purchase or sell securities based on material insider information.”; “To strengthen the prohibitions on insider trading, and for other purposes”; “To amend the Securities Exchange Act of 1934 to prohibit certain securities trading and related communications by those who possess material, nonpublic information.”







[15] “A hedge fund that analyzed tweets to figure out where to invest closed its doors last year after just one month, the Financial Times reports.”; See also:











[26]; As a disclaimer, this author worked at ITG and its predecessor as a research analyst for over five years, actively employing the company level information available in its “proprietary data” to identify earnings trends of covered public companies.


[28] “[I]nformation is also deemed public if it is known only by a few securities analysts or professional investors. This is so because their trading will set a share price incorporating such information.” United States v. Contorinis, 692 F.3d 136, 143 (2d Cir. 2012)



[31] How does trawling a website differ from walking into a store to count all the items on a shelf? Peering into a private warehouse from across a street to check inventory? Hiring a lip-reader to sit in a neighboring office across from the windows of the Goldman Sachs board room to monitor the meetings inside? Etc., …

[32] “[N]othing in the U.S. Supreme Court’s jurisprudence or prior decisions of our Court expressly imposes a fiduciary-duty requirement on the ordinary meaning of ‘deceptive’ where the alleged fraud is an affirmative misrepresentation rather than a nondisclosure. … [C]omputer hacking may be ‘deceptive’ even where the hacker did not breach a fiduciary duty in fraudulently obtaining material, nonpublic information used in connection with the purchase or sale of securities” (alterations omitted).


Comments are closed.