Alston & Bird Consumer Finance Blog

Federal Trade Commission (FTC)

High Profile Settlements, Strengthened Data Security Orders, and COPPA: The FTC’s 2019 Privacy and Data Security Update

A&B ABstract

Each year the Federal Trade Commission (the “FTC” or “Commission”) publishes a report on its activities with respect to consumer privacy and data security during the prior year.  On February 25, 2020, the Commission released its 2019 Privacy and Data Security Update. The update contains a summary of the FTC’s enforcement, advocacy, and rulemaking actions as well as its activities with respect to its privacy and security-related workshops, consumer education and business guidance, and international engagement.  The update is a useful way to see what the FTC focused on in the prior year and where to expect continued interest. Some highlights from the update are provided below.


In the enforcement space, the FTC update spotlights its two most high-profile settlements to date: Facebook and Equifax.  First, in July 2019 the FTC and the Department of Justice’s announced a joint settlement with Facebook based on allegations that the company’s misrepresentations and consumer privacy failures violated its 2012 order.  The 2019 settlement order imposed a record-setting $5 billion penalty and included a number of provisions designed to change Facebook’s overall approach to privacy.  The settlement is currently pending approval by the United States District Court for the District of Columbia. Also, in July 2019, the FTC announced a settlement with Equifax for alleged data security violations, including Gramm-Leach-Bliley Act violations, that affected 147 million people.  The settlement included a payment of up to $700 million to help consumers affected by the breach and was part of a global resolution with a consumer class action, the Consumer Financial Protection Bureau, and 50 states and territories.

Data Security Orders

The FTC’s enforcement actions over the past year with respect to data security incidents also highlight the Commission’s efforts to strengthen its data security orders, including through increased specificity, increased accountability of third- party assessors, and improved corporate governance on data security issues.  Each category of improvement is reflected in seven data security orders issued by the FTC over the past year against companies in a range of industries: ClixSense (pay-to-click survey company), i-Dressup (online games for kids), DealerBuilt (car dealer software provider), D-Link (Internet-connected routers and cameras), Equifax (credit bureau), Retina-X (monitoring app), and InfoTrax (service provider for multilevel marketers).


The FTC’s update also makes clear the FTC’s continued focus on the Children’s Online Privacy Protection Act (“COPPA”) in 2019 and beyond.  In September 2019, the FTC and New York Attorney General settled with Google, and its subsidiary YouTube over allegations it collected personal information, including in the form of persistent identifiers, from viewers of child-directed channels without first notifying parents and getting their consent.  The $170 million judgment is the largest civil penalty under COPPA. In 2019 he FTC also settled charges against, now known as TikTok, for $5.7 million for illegally collecting personal information from children on a child-directed app.  The FTC also announced it was seeking comments on the effectiveness of the 2013 amendments to the COPPA Rule and hosted a workshop in October 2019 to discuss whether additional changes are needed.

Other Concerns

The FTC update describes other areas of focus, including credit reporting and financial privacy, Do Not Call and telemarketing, and international enforcement. You can read the entire update here.

FTC to Settle Charges of Deception with Marketer of Consumer Financial Products

A&B ABstract: The Federal Trade Commission (“FTC”) recently announced an administrative complaint and proposed settlement against a marketer of consumer financial products that highlights potential compliance issues with product and service reviews, particularly entities that provide “pay-to-play” rankings and ratings.


On February 3, 2020, the Federal Trade Commission (“FTC” or “Commission”) announced an administrative complaint and proposed settlement against Shop Tutors, Inc., doing business as LendEDU  (the “Company”), and three executives, including the Chief Executive Officer, the Chief Technology Officer, and the Vice President of Product (collectively the “Respondents”).  The complaint and proposed settlement relate to allegations of deceptive content on the Company’s comparison shopping website which markets student loans, personal loans, credit cards, and insurance products.  According to the FTC, the individual Respondents knew about or directly participated in the deceptive conduct alleged.

The FTC’s complaint contains three counts alleging violations of Section 5 of the FTC Act, which prohibits unfair and deceptive acts and practices.  To settle the case, the Respondents must pay $350,000, are prohibited from making deceptive claims about their products or services, and must affirmatively disclose certain material information, among other remedies.  The FTC voted 5-0 in favor of this proposed settlement, with Commissioner Rebecca Kelly Slaughter issuing a concurring statement.  As the FTC brought this case as an administrative complaint rather than through the federal courts, the proposed settlement will be subject to 30 days of public comment before the Commission determines whether to make the proposed order final.  Once entered, the final order will be in effect for 20 years.

The Complaint:

According to the FTC’s complaint, since 2014 has promised “honest” “accurate” and “unbiased” ratings of the companies offering financial products on its website, but instead promoted particular companies by boosting rankings and ratings in exchange for payment.  The FTC further alleges that: (a) positive reviews about and its customer service posted on its own and other third-party review platforms were written by employees of and others with a connection to the Company, and (b) the vast majority of “reviewers” don’t appear to have used

 Allegations related to “pay to play”:’s web pages for financial and insurance products include rate tables, rankings, star ratings and reviews of what it claims were the “best” or “top” companies in the product category.  According to the FTC, the Respondents claimed that the “ratings are completely objective and not influenced by compensation in any way,” and that their “research, news, ratings, and assessments are scrutinized using strict editorial integrity.”  The FTC alleges that contrary to these claims, the Company provided financial service companies with higher numerical rankings or star ratings and higher positions on rate tables in exchange for compensation.

The FTC’s complaint cites to a range of evidence as support for this allegation.  For example:

  • An email from the CEO asked a student loan refinance company to pay $9.50 per click to retake the number one ranking in that product category after it had fallen to number three. The company agreed to pay $8.50 per click for the number one ranking and table placement (and was restored to the number one spot).  In a later email, the VP of Product asked the same company to increase its payment to $16.00 per click, stating “we want to keep your business positioned as the #1 lender on our site, but we need to justify the move from a business perspective.”  That company then agreed to pay $15 per click and kept its number one position.
  • The Respondents’ presentation material to a prospective bank customer included a slide that discussed “Partner Positioning & Ordering,” explaining that “compensation may influence the products we review and write about, the order in which partners appear in our articles, whether products appear on our site, and where they’re placed.”

Additionally, according to the FTC, the Company’s paid placement policies caused some previously highly ranked companies’ ratings to drop when they refused to pay to maintain those positions.  For example, the Respondents ranked one student loan refinance company number two in the rankings and listed it second in the rate table for several months.  When the company refused to pay more to be placed in the second spot, Respondents dropped its ranking to number five or lower.

Allegations related to inadequate disclosures:

The FTC alleges that the Respondents included virtually no information about their relationships with the companies that appear on the website, including that a company’s inclusion or ranking on the site may have been influenced by payment.  According to the complaint, in mid-2016, Respondents added a fine-print disclaimer that the “site may be compensated through third party advertisers,” in the website’s footer.  And in March 2019, after becoming aware of the FTC’s investigation, the Respondents included on a separate webpage a list of companies that “may provide compensation to LendEDU.”  The FTC found these disclosures to be inadequate as neither was clear and conspicuous.

Allegations related to fake reviews:  

The FTC also alleges that reviews and testimonials about LendEDU’s website and customer service that appear on its own site or and on third-party review platforms were written by employees of the Company or were completely made up.  According to the FTC, at the time the FTC announced its complaint, had 126 reviews on a third party review website; of those, 111 (or 90%), were written or made up by Company employees or their family, friends, or other associates. The FTC further alleges that the homepage included “testimonials” from consumers claiming they saved money using the Company’s services, but that the Respondents had fabricated these “testimonials.”


The FTC continues its focus on deceptive endorsements, reviews and testimonials, regardless of the medium through which they are offered, be it third-party websites, social media, traditional media, such as broadcast or print, or “native” advertising.  Companies should ensure that any reviews of product or services they publicly post or publish reflect the actual experience of the endorser. Further, companies should clearly and conspicuously disclose if there is a “material connection” that is not obvious on its face, such as when the endorser receives payment or product in exchange for the endorsement, or where the endorser has an ownership interest in the product or service he is endorsing.

In addition, review sites and other businesses promoting the products and services of others must be transparent about any compensation or other consideration they receive in exchange for inclusion or placement. In her concurring statement, Commissioner Slaughter underscored this point warning that “companies that engage in pay-to-play rankings and ratings should take heed: this conduct robs consumers of vital information, pollutes our online marketplaces, and violates the law, which will result in serious consequences.”

FTC Announces Settlement with Mortgage Broker for Publishing Personal Information about Consumers

A&B ABstract:

On January 7, 2020, the Federal Trade Commission (FTC) announced a complaint and settlement against California mortgage broker Mortgage Solutions FCS, doing business as Mount Diablo Lending, and its owner, Ramon Walker, (collectively, Mortgage Solutions).  The FTC’s complaint (Complaint) alleged that in response to negative Yelp reviews posted by applicants and customers, the company publicly posted sensitive personal information, including financial information, about those individuals gleamed that it gleaned from mortgage applications and credit report.  Specifically, according to the Complaint, that information included sources of income, payment and credit histories, taxes, family relationships and health. The FTC alleged that Mortgage Solutions’ actions violated the Fair Credit Reporting Act (FCRA), the Gramm Leach Bliley Act (GLBA) and Section 5 of the FTC Act. As part of the settlement, Mortgage Solutions will pay a $120,000 civil penalty for violating the FCRA.


The Complaint, filed in the U.S. District Court for the Northern District of California by the U.S. Department of Justice on behalf of the FTC, alleges that between June 2015 and August 2016, defendant Walker published or caused to be published responses to negative consumer reviews about Mortgage Solutions’ services that appeared on the consumer review website,, that were publicly viewable on Yelp’s page for Mount Diablo Lending.  The Complaint also alleges that required privacy notices provided to customers were inadequate and were not followed, and that the company’s information security program was inadequate.   A summary of the FTC’s complaint counts follows:

Violations of the FCRA: 

The Complaint alleges that Mortgage Solutions impermissibly used consumer reports in violation of the FCRA.  According to the Complaint, some of the personal information that Mortgage Solutions publicly posted about consumers was information contained in consumer reports it obtained.  The FCRA allows use of consumer reports only for the permissible purposes identified in section 604(a) of the FCRA; however, public dissemination – such as Mortgage Solutions’ posting of consumers’ information on – is not a permissible purpose

Violation of the GLBA Privacy Rule (Regulation P): 

The Complaint alleges that Mortgage Solutions failed to provide a clear, conspicuous and accurate privacy notice and impermissibly disclosed non- public personal information about some of its customers in violation of the GLBA Privacy Rule.  The Privacy Rule requires, among other things, that a financial institution provide annually a clear and conspicuous notice to customers that accurately reflects the financial institution’s privacy policies and practices, including its security policies and practices.

According to the Complaint, from October 2012 until April 2018, Mortgage Solutions disseminated a privacy notice that omitted or misstated significant information. Among other things, the notice indicated that the only personal information collected by Mortgage Solutions is customers’ Social Security numbers and that Mortgage Solutions did not share this personal information with any third party for any reason. In fact, the company collected myriad types of sensitive personal information, including income information, credit histories, and dates of birth.  The Complaint further alleges that Mortgage Solutions’  posting of customer information on caused the privacy notice to be inaccurate, and additionally violated the Privacy Rule

Violation of the GLBA Safeguards Rule:

The Complaint alleges that  Mortgage Solutions failed for a period of time to develop and implement an information security program, and when it did implement a program, it fell short of regulatory standards.  The Safeguard’s Rule requires financial institutions to implement a comprehensive written “information security program” containing reasonable administrative, technical, and physical safeguards. It further requires that financial institutions regularly test or otherwise monitor the effectiveness of the safeguards’ key controls, systems, and procedures.

According to the Complaint, Mortgage Solutions did not have an information security program until September 2017 (in spite of being in business since at least 2012), and when it did finally implement a plan, the plan made no provision for regularly testing or assessing its own effectiveness.  Further, according to the complaint, Diablo failed to engage in such regular testing or assessment.

Violation of Section 5 of the FTC Act: 

The Complaint alleges that publicly posting consumers’ personal information was deceptive and unfair under Section 5 of the FTC Act.


In addition to paying a $120,000 civil penalty, the terms of the settlement prohibit Mortgage Solutions from misrepresenting its privacy and data security practices; misusing credit reports; and improperly disclosing personal information to third parties. It also must implement a comprehensive data security program designed to protect the personal information it collects and obtain third-party assessments of its information security program every two years. Finally, the company must designate a senior corporate manager responsible for overseeing the information security program to certify compliance with the order every year.


The FTC is continuing to assert its authority against financial institutions within its jurisdiction, including its general authority to prevent unfair and deceptive acts or practice under the FTC Act, and its authority with respect to the FCRA and GLBA.

In addition, this case represents the FTC’s latest effort to crack down on companies who attempt to restrict or retaliate against consumers negative public reviews on social media and other public websites.  In 2019 the FTC announced five cases alleging violations of the Consumer Review Fairness Act, which bans form contract provisions that restrict a consumer’s ability to post reviews about a seller’s goods, services, or conduct. Those cases challenged illegal “confidentiality” or “non-disparagement” clauses that sometimes threatened consumers with financial penalties for posting reviews.



Alston & Bird Expands Privacy and Cybersecurity Capabilities with Former FTC Veteran

Alston & Bird has expanded its privacy and cybersecurity litigation practice in Washington, D.C. with partner, Kathleen Benway. Benway, a former U.S. Federal Trade Commission (FTC) chief of staff, brings exceptional experience at the FTC, FCC, and in the Senate with consumer protection law and policy, especially in privacy and data security. She arrives from Wilkinson Barker Knauer LLP.

Benway has more than 12 years of service at the FTC, including most recently as chief of staff for the agency’s Bureau of Consumer Protection (BCP). While at the FTC, Benway served as chief of staff to three former directors of the agency’s BCP, where she managed day-to-day operations, represented the bureau in interactions with FTC commissioners, and assisted with congressional relations.

Benway also held a number of other positions at the FTC. In addition to serving as attorney advisor to former FTC Commissioner Julie Brill and counsel to the director of the BCP, she led investigations and litigated enforcement actions as a senior attorney in the bureau’s Privacy and Identity Protection Division and Marketing Practices Division. Additionally, she served two details as counsel to the Senate Committee on Commerce, Science, and Transportation, where she assisted in investigations and advised senators, staff, and other stakeholders on proposed legislation and policy issues within the FTC’s jurisdiction.

Benway also served at the U.S. Federal Communications Commission, where she was assistant chief of the Enforcement Bureau.

The addition of Benway represents the latest expansion of Alston & Bird’s Privacy & Cybersecurity Litigation practice. She follows Wim Nauwelaerts, who joined as partner in the firm’s Brussels office in October, and Amy Mushahwar, who joined as partner in Washington, D.C. in April.

To read the full press release, click here.

Supreme Court Cases Threaten a “Cornerstone” of the FTC’s Enforcement Program – Disgorgement

A&B ABstract:   

For decades, the FTC has pursued defendants allegedly engaged in “unfair or deceptive acts or practices in or affecting commerce” in violation of the FTC Act.[i]  Specifically, the FTC has used Section 13(b) of the FTC Act to file dozens of lawsuits in federal court each year and recover billions of dollars in disgorgement against such defendants.  The FTC recently referred to its efforts to obtain disgorgement under Section 13(b) as “a cornerstone of the FTC’s enforcement program for more than 30 years.”[ii]  Depending on how the Supreme Court rules on forthcoming cases, the FTC may lose this “cornerstone” absent future Congressional action.


Section 13(b) of the FTC Act provides that, where the FTC “has reason to believe” that a person “is violating or is about to violate” the FTC Act or a law enforced by the FTC, it can pursue a preliminary or permanent injunction in federal court.[iii]  The text of Section 13(b) mentions only injunctive relief, and does not mention disgorgement or restitution.  Courts for years, however, have held that Section 13(b) provides a broad grant of equitable authority, which included disgorgement as an equitable remedy.[iv]  As one district court described it, “[t]his is not supported by the plain text of the statute, but has been read into it by well-meaning judicial efforts to effect the ‘purpose’ of the statute.”[v]  Just a few years ago, the FTC obtained its largest ever disgorgement award in a litigated case – $1.27 billion in FTC v. AMG Capital Mgmt., LLC.[vi]  And, until August 2019, the circuit courts were unanimous in allowing the FTC to obtain disgorgement in actions under Section 13(b).

FTC v. Credit Bureau Center, LLC

On August 21, 2019, the Seventh Circuit in FTC v. Credit Bureau Center, LLC, overturned prior precedent and held for the first time that “[S]ection 13(b)’s permanent injunction provision does not authorize monetary relief.”[vii]  The court “recognize[d] that this conclusion departs from the consensus view of our sister circuits,” but nonetheless held that the “plain text” of Section 13(b) does not provide for disgorgement.  To date, the FTC has not sought Supreme Court review of this decision, although it stated that it and the Office of the Solicitor General “are currently evaluating whether to file a petition for a writ of certiorari.”[viii] The FTC recently obtained an extension until December 19, 2019 to file a petition for a writ of certiorari.

FTC v. AMG Capital Mgmt., LLC

The Seventh Circuit’s decision in Credit Bureau Center followed a December 2018 concurring opinion in the Ninth Circuit case of FTC v. AMG Capital Mgmt., LLC, where two of the three judges on the panel urged the court to rehear the case en banc to overturn the circuit’s prior precedent allowing the FTC to obtain disgorgement under Section 13(b).[ix]  Rehearing was denied, and as a result, the FTC’s $1.27 billion disgorgement award was affirmed.

The FTC’s decision whether or not to seek Supreme Court review in Credit Center Bureau will be informed by the fact that AMG Capital has made its way onto the Supreme Court’s certiorari petition docket.  On October 18, 2019, the defendants in AMG Capital filed their petition for a writ of a certiorari with the Supreme Court.[x]  The petitioners relied on the Seventh Circuit’s decision in Credit Center Bureau and the text of Section 13(b).  The petitioners argued that Section 13(b) “nowhere mentions monetary relief” and the statute stands in stark contrast to Section 19 of the FTC Act.  That section specifically allows for, among other things, “the refund of money or return of property, [and] the payment of damages” (1) when the FTC shows that the conduct at issue violates an existing FTC rule or (2) when the defendant violates a prior cease-and-desist order.[xi]  The FTC requested an extension until December 20, 2019 to file its response to this certiorari petition.  Therefore, the FTC has some significant decisions to make in the coming few weeks.

Liu v. SEC

Regardless of whether the Supreme Court reviews either the Seventh Circuit decision in Credit Bureau Center or the Ninth Circuit decision in AMG Capital, the Supreme Court is set to review the question of whether disgorgement constitutes “equitable relief” in the context of a securities law violation.  On November 1, 2019, the Supreme Court granted certiorari in the case of Liu v. SEC and will determine whether the Securities and Exchange Commission can obtain disgorgement as an equitable remedy in an enforcement action.[xii]  A decision in Liu is expected by June 2020.

While Liu involves the SEC and its enforcement statutes, and not the FTC and the FCT Act, the decision in Liu is nonetheless likely to impact the FTC’s ability to obtain disgorgement under the FTC Act.  Much like the FTC, the SEC has for many years sought disgorgement in enforcement proceedings.  “Beginning in the 1970’s, courts ordered disgorgement in SEC enforcement proceedings in order to deprive …defendants of their profits in order to remove any monetary reward for violating securities laws and to protect the investing public by providing an effective deterrent to future violations.”[xiii]  Courts have done so, even though by statute, the SEC can only obtain injunctive relief, equitable relief or civil monetary penalties.[xiv]

Kokesh v. SEC

Liu follows the Supreme Court’s 2017 decision in Kokesh v. SEC.[xv]  In that case, the Supreme Court held that “SEC disgorgement … bears all the hallmarks of a penalty: It is imposed as a consequence of violating a public law and it is intended to deter, not to compensate.  The 5-year statute of limitations in [15 U.S.C.] § 2462 therefore applies when the SEC seeks disgorgement.”[xvi]  The Supreme Court, however, was careful to note in a footnote that “[n]othing in this opinion should be interpreted as an opinion on whether courts possess authority to order disgorgement in SEC enforcement proceedings or whether courts have properly applied disgorgement principles in this context.”[xvii]

The Supreme Court will now specifically answer that question in Liu and determine whether disgorgement constitutes an equitable remedy following its holding that disgorgement is a “penalty.”  The oral argument from Kokesh showed that five Justices at the time questioned the statutory authority for the disgorgement remedy given that the enforcement statutes do not specifically provide for such a remedy.

Justice Gorsuch – “Well, here we don’t know [when the disgorged money goes to the victim], because there’s no statute governing it.  We’re just making it up.”

Chief Justice Roberts – “[T]he SEC devised this [disgorgement] remedy or relied on this remedy without any support from Congress.”

Justice Alito – “[I]t would certainly be helpful and maybe essential to know what the authority for [disgorgement] is.”

Justice Sotomayor – “Can we go back to the authority? …[I]f they’re not doing restitution, how could that be the basis of disgorgement?”

Justice Kennedy – “Is it clear that the district court has statutory authority to do this? …[I]s there specific statutory authority that makes it clear that the district court can entertain this remedy?”[xviii]

In addition, then Circuit Judge Kavanaugh wrote in Saad v. SEC that Kokesh “overturned a line of cases from [the D.C. Circuit] that had concluded that disgorgement was remedial and not punitive” and “the Court’s reasoning in Kokesh was not limited to the specific statute at issue there.”[xix]  All of this suggests that there is a likelihood that the Supreme Court will hold that disgorgement – in the SEC context – which has already been held to be a “penalty,” does not constitute “equitable relief.”



The Supreme Court’s acceptance of the appeal in Liu would seem to increase the chance the Supreme Court accepts the pending certiorari petition in AMG Capital given the similarity between the disgorgement issues in the context of the SEC and the FTC.  Similarly, as a result of Liu and the pending certiorari petition in AMG Capital, the FTC may elect to seek certiorari from the Seventh Circuit’s decision in Credit Bureau Center.  Therefore, there is at least an increased likelihood that the Supreme Court will specifically take an appeal on the direct issue of whether the FTC can obtain disgorgement under Section 13(b).  Given the Supreme Court’s holding in Kokesh that disgorgement is a penalty for statute of limitations purposes and the Justices comments at oral argument, such an appeal creates a risk to the FTC that the Supreme Court will similarly rule that disgorgement under the FTC Act is also a penalty, and thus does not fall within the scope of equitable relief allowed by Section 13(b).

Even if the Supreme Court does not take the appeal in AMG Capital (or Credit Bureau Center, if a petition is filed), a ruling in Liu that the SEC cannot seek and obtain disgorgement as “equitable relief” would nonetheless have consequences for the FTC and its ability to obtain disgorgement under the FTC Act.  Indeed, the FTC has recognized that the SEC statutory framework is similar to the FTC Act in that neither expressly mention monetary relief, but courts have nonetheless allowed disgorgement as a remedy.  Thus, an adverse ruling in Liu in the SEC context would provide defendants with arguments in the district courts and circuit courts that prior precedent allowing disgorgement as a form of equitable relief to the FTC is no longer tenable.  In such a case, the lower courts would have a new legal basis upon which to follow the Seventh Circuit’s lead from Credit Bureau Center and foreclose the FTC from continuing to use disgorgement as the “cornerstone” of its enforcement program.  The strength of such arguments will be determined in the next several months as these cases get decided.


[i] 15 U.S.C. § 45(a)(1).

[ii] Motion to Stay the Mandate at 5, FTC v. Credit Bureau Ctr., LLC, No. 18-2847, ECF No. 61 (7th Cir. Sept., 17, 2019).

[iii] 15 U.S.C. § 53(b).

[iv] See, e.g., FTC v. Commerce Planet, Inc., 815 F.3d 593 (9th Cir. 2016); FTC v. Gem Merch. Corp., 87 F.3d 466 (11th Cir. 1996); FTC v. Bronson Partners, LLC, 654 F.3d 359 (2nd Cir. 2011); FTC v. Freecom Commc’ns, Inc., 401 F.3d 1192 (10th Cir. 2005); FTC v. Direct Mktg. Concepts, Inc., 624 F.3d 1 (1st Cir. 2010).

[v] FTC v. Hornbeam Special Situations, LLC, No. 1:17-cv-3094, 2018 WL 6254580 (N.D. Ga. Oct. 15, 2018).

[vi]; FTC v. AMG Capital Mgmt., LLC, 910 F.3d 417 (9th Cir. 2018).

[vii] 937 F.3d 764 (7th Cir. 2019).

[viii] Motion to Stay the Mandate at 3, Credit Bureau Ctr., No. 18-2847, ECF No. 61 (7th Cir. Sept., 17, 2019).

[ix] AMG Capital, 910 F.3d at 421.

[x] AMG Capital Mgmt., LLC v. FTC, No. 19-508 (U.S.).

[xi] 15 U.S.C. § 57b(a).

[xii] Petition for a Writ of Certiorari, Liu v. SEC, No. 18-1501 (petition granted, Nov. 1, 2019).

[xiii] Kokesh v. SEC, 137 S.Ct. 1635, 1640 (2017).

[xiv] 15 U.S.C. §§ 77t(b), (d), 78u(d)(1), (3) and (5).

[xv] Kokesh, 137 S.Ct. at 1635.

[xvi] Kokesh, 137 S.Ct. at 1644.

[xvii] Kokesh, 137 S.Ct. at 1642 n3.

[xviii] Petition for a Writ of Certiorari at 9, Liu v. SEC, No. 18-1501 (citing oral argument transcript at 7-9, 13, 31, 52, Kokesh v. SEC, No. 16-529 (Apr. 18, 2017)).

[xix] Saad v. SEC, 873 F.3d 297, 305 (D.C. Cir. 2017).