WEBVTT - Bloomberg Law Brief: SEC Hack Shows Weakness in Edgar (Audio) 0:00:00.040 --> 0:00:02.639 Well, now it's time for our daily Bloomberg Law Brief, 0:00:02.680 --> 0:00:05.440 exploring legal issues in the news. And today Bloomberg Law 0:00:05.440 --> 0:00:08.360 hos doing grosso at Michael Best discussed the hack of 0:00:08.400 --> 0:00:13.039 the SEC's EDGAR document filing system, which granted hackers access 0:00:13.280 --> 0:00:16.840 too closely guarded secrets from American companies. They speak with 0:00:17.079 --> 0:00:20.120 Robert Hawckett, a professor at Cornell University Law School, and 0:00:20.160 --> 0:00:24.560 Peter Henning, a professor Edwayne State University Law School. Peter, 0:00:25.079 --> 0:00:28.160 the you know, most of the EDGAR system is publicly 0:00:28.160 --> 0:00:30.880 available information. That's kind of the point, but there is 0:00:31.000 --> 0:00:34.919 part of it that has some confidential information that apparently 0:00:35.000 --> 0:00:37.800 is the subject of this hack. Explain exactly what it 0:00:37.880 --> 0:00:41.080 is that got hacked into here. Well, the security breach 0:00:41.240 --> 0:00:44.680 came through a portal that the SEC has so that 0:00:44.880 --> 0:00:49.680 companies that recently went public could essentially take it for 0:00:49.720 --> 0:00:55.560 a test drive and past materials on EDGAR. The requirement 0:00:55.680 --> 0:00:59.560 is that whenever a company makes its disclosure quarterly or 0:00:59.600 --> 0:01:03.760 annual earnings, that has to do that um immediately and 0:01:03.840 --> 0:01:06.240 make it available to all investors at the same time. 0:01:06.280 --> 0:01:08.679 So it was a way for them to test it UM. 0:01:08.720 --> 0:01:12.160 But there are companies that will make filings. Uh. For example, 0:01:12.200 --> 0:01:15.680 I p O s Now you can make what's essentially 0:01:15.720 --> 0:01:18.640 a dark filing. You can put information in there that 0:01:18.760 --> 0:01:22.080 isn't available to the public, that might have been available 0:01:22.240 --> 0:01:25.880 to the hackers and would give them maybe some insight 0:01:26.000 --> 0:01:28.800 information about what was going to happen at those companies 0:01:29.080 --> 0:01:31.720 and perhaps others if they rummaged around through the system. 0:01:31.760 --> 0:01:34.400 You just don't know what you're going to find. Bob, 0:01:34.440 --> 0:01:38.160 the attack occurred last year. The SEC just disclosed it 0:01:38.240 --> 0:01:42.080 on Wednesday. Is that against its own advice to companies 0:01:42.160 --> 0:01:46.720 to announce cyber attacks promptly. Well, it's it's it's hard 0:01:46.760 --> 0:01:49.600 to tell the type attrition. I mean, the problem is, um, 0:01:49.640 --> 0:01:51.600 you know that the SEC is sort of forced start 0:01:51.720 --> 0:01:54.800 faced with a dilemma. On the one hand, if it 0:01:54.880 --> 0:01:58.760 reveals information that turns out not to be really that 0:01:58.880 --> 0:02:01.840 important in the long gre term but sort of stokes 0:02:01.840 --> 0:02:05.440 a panic or stokes sort of excess concern in the 0:02:05.480 --> 0:02:08.160 short term, Uh, than it might well, you know, sort 0:02:08.160 --> 0:02:11.080 of think better about having disclosed something too quickly. So 0:02:11.480 --> 0:02:14.360 it's not sure whether to tell anybody right away because 0:02:14.360 --> 0:02:16.600 it doesn't want to cause more panic than might be warranted. 0:02:17.000 --> 0:02:18.880 On the other hand, that being said, if it does 0:02:18.919 --> 0:02:21.520 indeed turn out to be a significant problem, but then 0:02:21.520 --> 0:02:23.280 of course the SEC looks to have egg on its 0:02:23.280 --> 0:02:25.200 face when it turns out that it knew the information 0:02:25.280 --> 0:02:28.320 even sooner. In this particular case, I think what's particularly 0:02:28.320 --> 0:02:31.480 important or maybe worth noting, is that it didn't reveal 0:02:31.520 --> 0:02:35.120 the information until it determines that somebody might actually have 0:02:35.360 --> 0:02:38.840 used some still gotten information in order to engage in 0:02:38.840 --> 0:02:41.520 some form of insider trading. And that's something the SEC 0:02:41.680 --> 0:02:45.120 apparently only just learned. And as Robert Hockett, a professor 0:02:45.160 --> 0:02:48.360 at Cornell University Law School, and Peter Henning, a professor 0:02:48.400 --> 0:02:51.520 at Wayne State University Law School, speaking with Bloomberg Law 0:02:51.520 --> 0:02:54.160 host June Grasso and Michael Best, you can listen to 0:02:54.160 --> 0:02:57.080 Bloomberg Law weekdays at one pm Wall Street Time here 0:02:57.200 --> 0:02:59.920 on Bloomberg Radio and now among the top legals to 0:03:00.000 --> 0:03:03.360 worries from Bloomberg Law. President Trump has opened himself to 0:03:03.480 --> 0:03:06.080 what could be a new wave of legal challenges with 0:03:06.120 --> 0:03:09.200 a revised travel ban. Two groups that are challenging the 0:03:09.280 --> 0:03:12.119 earlier version of the policy at the Supreme Court say 0:03:12.160 --> 0:03:15.799 they still see restrictions as targeting Muslims. That's Even though 0:03:15.840 --> 0:03:18.760 the new policy adds two countries with few Muslims, banning 0:03:18.800 --> 0:03:21.880 everyone from North Korea and some government officials from Venezuela,