Federal Judge Rejects Ameritrade Settlement

Written by Evan Schuman
June 15th, 2008

One day after lawyers presented a proposed settlement in the Ameritrade 6.2 million-customer data breach, a U.S. federal court judge tentatively rejected the settlement (on June 13), questioning the value of the deal for the consumer victims and the size of the $1.87 million attorneys’ fees.

San Francisco-based U.S. District Court Chief Judge Vaughn R. Walker gave lawyers on both sides until June 26 to address his concerns.

The judge didn’t specifically say that the lawyer’s fees were too high, but merely that "plaintiffs’ counsel has not established the basis for its fee request," leaving himself the opportunity to potentially approve the figure if he is satisfied with a justification.

But Walker’s key concern was whether the settlement adequately compensates the consumer victims. "Neither party has submitted any facts which would allow the court to make a proper valuation of the settlement, which on its own does not include any monetary relief," the judge wrote.

Walker had suggested on Thursday (June 12) that Ameritrade could purchase insurance that would cover any future identity theft claims. On Friday, he was less subtle.

On Thursday, Walker wrote, "the court analogized the preclusion this settlement affords defendant to the coverage or risk-shifting provided by insurance. Coverage against the risk of claims for identify theft and related claims is widely available to companies such as TD Ameritrade."

"The court inquired whether TD Ameritrade had obtained a quote on a policy that would cover the risk of liability on the claims that are precluded under this settlement agreement. TD Ameritrade’s counsel stated that he did not believe such coverage had been sought," Walker wrote. "TD Ameritrade’s counsel is directed to obtain at least two quotes on such coverage from qualified underwriters or insurance brokers."

The judge also objected to the fact that the proposed settlement didn’t say how many of the impacted consumers would have to agree to the deal before it would be confirmed. Typically, such a settlement would say that if fewer than a certain percentage of those impacted agree, the deal would go away.

"Under the settlement agreement, the parties retain the option to terminate the settlement pursuant to an agreed number of opt-outs to be submitted to the court in camera," which means privately presented to the judge in chambers. "This ‘magic number’ is not disclosed to the class, nor has it been disclosed to the court in camera. The parties are ordered to submit that information by June 26, 2008."

The judge also referenced in-court concerns expressed by class representative plaintiff Matthew Elvey that the spam-blocking software being offered to impacted consumers—Trend Micro Internet Security Pro, which is listed on the vendor’s site as selling for $69.95—had little value as it’s being offered for free (with a rebate).

"A dispute came to light at the hearing whether this element of the settlement has any true economic value," Walker wrote. "TD Ameritrade is directed to provide the court with the actual cost of this element of the proposed settlement."

Of greater potential concern, Elvey’s in-court comments suggested that he had been "threatened" into signing the settlement agreement. Those threats apparently involved having him removed as a named plaintiff, which would potentially cost him a $10,000 fee.

Walker quoted Elvey as having "suggested that the gains the class would receive under the settlement had the appearance of benefitting the class but were, in operation, trivial." The judge added that, "at the conclusion of the hearing, Mr. Elvey stated that he was ‘threatened’ into signing the settlement agreement. Plaintiff’s counsel shall clarify this situation" by June 26.


One Comment | Read Federal Judge Rejects Ameritrade Settlement

  1. Tom McGinn Says:

    The plaintiffs would have fared better in small claims court.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.