This question has come up before the United States Court of Appeals for the Second Circuit, in New York. Interestingly, this involves stealing of information by hacking a computer system. Here are the brief facts as reported in the New York Times:
“[T]he evidence indicates that on Oct. 17, 2007, someone hacked into a computer system that had information on an earnings announcement to be made by IMS Health a few hours later.
Minutes after the breach of computer security, Mr. Dorozhko invested $41,671 in put options that would expire worthless three days later unless IMS shares plunged before that. The next morning the share price did plunge, and Mr. Dorozhko made his money by selling the puts.”
The question of law that makes the case tricky is summarised in the report:
“This situation exists because of a strange anomaly in American securities laws. A person who legally obtains insider information — as a corporate official or an investment banker, for example — will almost certainly break the securities law if he or she trades on the basis of that information before it is made public.
But it is far less clear that someone who illegally gets their hands on such information will have violated the securities laws by trading on it. The securities law used to bring insider trading charges — Section 10(b) of the 1934 Securities Exchange Act — talks of “a deceptive device or contrivance,” and it is not clear that there is any deception involved in simple theft.”
It is likely to be even more onerous for a regulatory authority or prosecutor to establish a case in similar circumstances under the Indian insider trading law – being the SEBI (Prohibition of Insider Trading) Regulations, 1992 – as that applies only to trading by insiders or to disclosure of information by insiders. Further, Indian law does not have a broad-brush antifraud provision in the nature of Section 10(b) of the US Securities Exchange Act, 1934 within which to fit such a case. That being said, it is still open for a case to be brought under other legislations, such as for fraud or even for hacking under the Information Technology Act, 2000 (which are beyond the purview of this blog).