Supreme Court Restricts Ability of Federal Agencies To Issue Fines

Supreme Court Restricts Ability of Federal Agencies To Issue Fines
Image: PixaBay

The Supreme Court issued a decision today that could limit federal agencies attempting to impose fines for data security violations or breaches.

Although the decision in Securities and Exchange Commission v. Jarkesy did not involve data security or a data breach, the issue before the court involved the agency’s authority to charge someone with a violation of regulations, find him guilty in an administrative judicial proceeding, and then fine him without granting him a trial by a jury.

In a 6-3 decision delivered by Chief Justice Roberts, the court wrote:

This case poses a straightforward question: whether the Seventh Amendment entitles a defendant to a jury trial when the SEC seeks civil penalties against him for securities fraud. Our analysis of this question follows the approach set forth in Granfinanciera and Tull v. United States, 481 U. S. 412 (1987). The threshold issue is whether this action implicates the Seventh Amendment. It does.
The SEC’s antifraud provisions replicate common law fraud, and it is well established that common law claims must be heard by a jury.


Since this case does implicate the Seventh Amendment, we next consider whether the “public rights” exception to Article III jurisdiction applies. This exception has been held to permit Congress to assign certain matters to agencies for adjudication even though such proceedings would not afford the right to a jury trial. The exception does not apply here because the present action does not fall within any of the distinctive areas involving governmental prerogatives where the Court has concluded that a matter may be resolved outside of an Article III court, without a jury. The Seventh Amendment therefore applies and a jury is required. Since the answer to the jury trial question resolves this case, we do not reach the nondelegation or removal issues.

So how will this affect enforcement activities by the SEC, the FTC, and HHS OCR when it comes to investigating violations of data security or data breaches? Will more cases go to trial or will they be more likely to settle now?