SEC breaks new ground in settlement with alternative data provider, App Annie
Sondra Campanelli, Head of News and Marketing (London)
The following article was contributed by Stacey Brandenburg, shareholder, and Marc Zwillinger, founder and managing member at ZwillGen PLLC.
The Securities and Exchange Commission identified “alternative data” as an examination priority beginning in 2020. However, until last month, it had not issued public guidance or entered into an enforcement action in this space.
All that changed on September 14, 2021 with the announcement of the $10 million settlement of the SEC’s first enforcement action against alternative data provider App Annie. But even the broadly applicable takeaways are somewhat hidden in the agreement itself.
Nevertheless, the SEC has put down an important marker and has signaled where it will focus its attention in the future. For example, the SEC’s Order focuses on App Annie’s misconduct, which its CEO and co-founder orchestrated, and does not suggest there was any liability on the part of purchasers or users of its data.
However, the mere fact of the settlement demonstrates the SEC’s view that alternative data may be non-public material information in the trading context. Similarly, the SEC’s Order and accompanying press release emphasizes the importance of controls, including policies and procedures, to ensure compliance with the federal securities laws.
Below we discuss some frequently asked questions about what happened, what the settlement means, and how it might inform industry conduct.
WHAT HAPPENED?
App Annie collects information about mobile app performance and sells estimates of app revenue, downloads, and usage (among other performance data) through its “Intelligence” subscription. Some of the apps analyzed are owned by public companies.
App Annie obtained access to this confidential public company data through its “Connect” product, which provided companies with free analytics in exchange for access to their data.
From 2014 to mid-2018, App Annie represented to the companies who used the Connect product that the app data they collected was anonymized and aggregated before it was used in any of App Annie’s intelligence reports. App Annie also represented to its Intelligence customers that the apps from which App Annie collected data had consented to use of their confidential data for this purpose and that App Annie had internal controls and processes to ensure its compliance with U.S. securities law, including preventing confidential app data from being misused.
App Annie made these representations to potential and existing customers, knowing that the customers intended to use the data for trading decisions. However, some of these representations were knowingly false, because App Annie did, in fact, use public company Connect data in a non-aggregated and identifiable way to inform its Intelligence services.
Accordingly, the SEC fined App Annie $10 million and removed the CEO, who had orchestrated the deceptive activity.
FREQUENTLY ASKED QUESTIONS
I am currently an App Annie customer. Does this settlement impact the data I am currently receiving?
When App Annie learned it was under investigation by the SEC in mid-2018, it appointed a new CEO and made several changes to its products and practices. The company strengthened its compliance program and added internal controls to ensure that confidential public company data was excluded from the estimates in its Intelligence subscription. As a result, the SEC settlement does not concern App Annie’s current offerings, but only those from 2014 through mid-2018.
Does the SEC suggest that purchasers should have known or been able to detect App Annie’s misconduct?
Here, the SEC does not suggest any wrongdoing by purchasers or that they “reasonably should have known” of the misconduct. The SEC found that App Annie misrepresented its practices and deceived its customers. Therefore, it would have been difficult, if not impossible, for customers to detect this fraud, even in their due diligence. In fact, the nature of the conduct was not transparent to many at App Annie either.
Yet, the SEC does suggest that if App Annie had better internal policies and procedures around its use of confidential, material non-public, or other information from public companies, then the deception might have been detected and eliminated. So, in the future, purchasers and providers of data are on notice that the existence and enforcement of sound internal policies may be an important factor for the SEC in determining culpability.
Additionally, the SEC describes App Annie as engaging in “deceptive practices and making material misrepresentations about how App Annie’s alternative data was derived.” Although there was no direct discussion of which statements were deceptive or false, the strong implication is that the information that App Annie provided to its Intelligence customers did contain material nonpublic information. If App Annie’s data did not contain such information, then App Annie’s representations to its buyers would not necessarily have been false.
Furthermore, the SEC’s Order suggests that in a future enforcement action it may take a closer look at the details of any misrepresentations made about the origin of data that alternative data vendors may be selling and whether their diligence practices are as robust as they describe.
What should I be doing (or doing differently) in light of the settlement?
The settlement is a good reminder to review your compliance and diligence process (regardless of whether you are a vendor or purchaser). We have written previously about some best practices for diligence and the importance of regularly assessing and updating your internal policies and procedures. So, the settlement is also a good prompt to confirm that you have the information you would want – if the SEC were to inquire – about your data providers/sources. In particular, understanding the way the data is derived – while respecting the legitimate bounds of a company’s trade secrets – could be informative.
The settlement also suggests that the SEC may take a close look at a purchaser’s own policies and procedures when onboarding vendors to make sure that investment firms have the right policies and procedures in place to prevent them from onboarding material nonpublic information as they may claim to have.
In addition to diligence issues, is there anything we learned about the application of securities laws to alternative data?
The SEC settlement suggests a possible application of the securities laws to alternative data, which may mean that it constitutes MNPI. The settlement discusses two types of “materiality.” It makes clear that App Annie’s false statements about its data practices were a material misrepresentation to the purchasers of the data. But it also suggests that the app data itself was material. That is, the reason App Annie’s misrepresentation was material is that App Annie denied it used MNPI in its Intelligence product.
Thus, the implication of the SEC settlement is that the information App Annie used was, in fact, MNPI (see paragraphs 18-26 of the settlement). If the SEC considers app performance data to be MNPI, then it suggests that the SEC has a broad definition of materiality that may undermine any argument that some of the alternative data you may be consuming is nonmaterial. This may be one of the more important takeaways from the decision.
What should I expect now?
The SEC has stated that it is examining the alternative data space. Whether it will bring additional enforcement actions or issue guidance remains to be seen, but we would anticipate that this settlement is not the last time we will hear from the SEC on these issues.
Photo by Ash Edmonds on Unsplash