The D.C. Circuit’s Recent Decision Reinforces the Urgent Need for a Cyberattack Exception to the FSIA

On March 14, 2017, the D.C. Circuit affirmed the district court’s dismissal of a lawsuit against Ethiopia that arose out of an alleged hacking of a computer in the United States.  See Doe v. The Federal Democratic Republic of Ethiopia, — F.3d —, 2017 WL 971831 (D.C. Cir., Mar. 14, 2017, No. 16-7081). You can read the opinion here

The D.C. Circuit’s opinion makes it clear that the FSIA’s tort exception is wholly inadequate as a means to assert jurisdiction over a foreign state in a cyberattack case.  As the D.C. Circuit correctly held, the tort exception is inapplicable in such cases because of the situs requirement: “The tort [the plaintiff] alleges . . . did not occur entirely in the United States; it is a transnational tort over which we lack subject matter jurisdiction.”  Doe, 2017 WL 971831, at *3, citations, quotations and brackets omitted. The D.C. Circuit stated that Congress’s “primary purpose in enacting § 1605(a)(5) was to eliminate a foreign state’s immunity for traffic accidents and other torts committed in the United States,” and that “[i]t is thus unsurprising that transnational cyberespionage should lie beyond section 1605(a)(5)’s reach.”  Ibid., citation and quotations omitted.

The D.C. Circuit’s holding – that the tort exception’s situs requirement bars a claim arising out of a cyberattack originating overseas – corresponds exactly with the point that I made in my prior post. It is the reason why commentators who argue that the tort exception is sufficient to address the growing cyberattack problem are simply wrong.

Sovereign immunity was born centuries ago, and it underwent an important evolution in the 20th century to reflect a changing world. The FSIA now needs to catch up to the modern realities of the Internet Age. Given the prevalence of computer hacking by foreign states, and the resulting harm to American individuals and companies, a new cyberattack exception to the FSIA is urgently needed. However, as I previously explained, such an exception will only work if it has teeth – such as, for example, the ability to collect on judgments against foreign states from the state’s instrumentalities and agencies, even if such entities were not involved in the cyberattack at issue.  Cf. 28 U.S.C. § 1610(g)(1)(A)-(E). Otherwise, a new exception will do little to stem the rising tide of cyberattacks by foreign sovereigns in the United States.

The Cyberattack Exception to the Foreign Sovereign Immunities Act: A Proposal to Strip Sovereign Immunity When Foreign States Conduct Cyberattacks Against Individuals and Entities in the United States

The political branches may ultimately deem it advisable to permit suits against foreign sovereigns who, without setting foot on American soil, use technology to commit torts against persons located here.  But if the FSIA is to be altered, that is a function for the same body that adopted it.”

Doe v. Fed. Democratic Republic of Ethiopia, 189 F. Supp. 3d 6, 25 (D.D.C. 2016) (citations, quotations and brackets omitted).


Five days ago, while I was reading about the Russian hacking scandal and the resulting damage to America’s public institutions, a new thought occurred to me: there should be a cyberattack exception to the Foreign Sovereign Immunities Act.

I checked to see if anyone had made the proposal before.  It appears to have been mentioned once, nearly four years ago, in an article about China’s cyber activities by Daniel Blumenthal in the Foreign Policy magazine.[1]  However, Mr. Blumenthal only devoted two sentences to the idea, which (to my knowledge) was never further developed.[2]

Other attorneys have occasionally argued (both in and out of court) that cyberattacks falls within the FSIA’s existing tort exception, 28 U.S.C. section 1605(a)(5).[3]  One attorney even tried to provide a “roadmap to this new line of litigation” in a recent law review article.[4]  However, I litigated the tort exception in district and appellate courts for well over a decade, and it creates only roadblocks to civil suits for cyberattacks. 

In particular, the tort exception’s situs requirement[5] — as well as the discretionary function and misrepresentation exclusions limiting the exception — make any lawsuit against a foreign sovereign for a cyberattack under section 1605(a)(5) very difficult and expensive.[6]  Indeed, a recent dismissal under the FSIA in a cyber case in the United States District Court for the District of Columbia – where the court dismissed a Wiretap Act claim under the tort exception’s situs requirement – only highlights the challenges of such litigation.[7]  In addition, even assuming that a cyber suit falls under the tort exception to the FSIA, a judgment would be extraordinarily difficult to collect upon given the FSIA’s strong immunity provisions related to attachment and execution.[8]

The result is that foreign states can perpetrate cyberattacks with relative impunity in the United States.  Even worse, those harmed by such attacks – often individuals or corporations who are innocent of any misconduct – have no effective means of redress against the offending foreign sovereign (or its officials).

Does this make sense?  Why should countries like Russia and North Korea be immune from suit for illegal conduct targeting computer systems in the United States?  Why shouldn’t foreign states that attack individuals, corporations or institutions over the Internet be liable for the consequences of their misdeeds? 

The United States Supreme Court has emphasized that “foreign sovereign immunity is a matter of grace and comity on the part of the United States, and not a restriction imposed by the Constitution.”[9]  As a matter of “grace and comity,” there is nothing in the history of foreign sovereign immunity that supports a grant of immunity where a foreign state targets a specific individual or entity for attack on the territory of the United States.[10]

The Foreign Sovereign Immunities Act of 1976 is over forty years old.  The time has come to bring the FSIA into the 21st century to address a very real and growing threat.[11]  A new cyberattack exception to the FSIA (28 U.S.C. § 1605C) would remove immunity for foreign states who attack individuals and entities in the United States, and would finally provide those harmed with a means of redress.  It should be drafted and passed forthwith.

Key Components

There are several key components essential to ensure an effective cyberattack exception to the FSIA:

Jurisdictional Provision: The cyberattack exception should have a jurisdictional provision modeled after the tort and the terrorism exceptions of the FSIA, but which is nevertheless specifically tailored to address the peculiarities of a cyberattack:

A foreign state shall not be immune from the jurisdiction of courts of the United States or of the States in any case not otherwise covered by this chapter in which money damages are sought against a foreign state for a cyberattack by the foreign state or by an official, employee or agent of such foreign state acting within the scope of his or her office, employment, or agency.[12]

If this type of language were to be used, the term “cyberattack” would need to be defined elsewhere (such as in 28 U.S.C. § 1603), and would need to track the language in a new cause of action (see below).  The other terms and phrases used in this proposed provision – such as “employee” and “scope of employment” – already have received extensive interpretation in FSIA jurisprudence.[13]  Moreover, the cyberattack exception – like the terrorism exception – should have no discretionary function or misrepresentation exclusions.

Cause of Action: While there are State and federal civil causes of action available in cyberattack cases – such as under the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act – it is not always clear whether such provisions apply against foreign governmental entities.[14]  In fact, a federal district court recently concluded “that section 2520 of the Wiretap Act does not create a civil cause of action against a foreign state for interceptions of wire, oral, or electronic communications in violation of section 2511(1).”[15]  Accordingly, to clearly define the type of conduct that would fall within the new cyberattack exception, Congress should use existing federal law to create a new federal cyberattack cause of action against foreign states.  There is precedent for such an approach under the terrorism exception,[16] and it would serve the principle of uniformity underlying the FSIA.[17]  In addition, to avoid potential issues under international law, the new cause of action should clarify that the tort occurs in the United States, where the computer system is breached. 

Retroactivity and Statute of Limitations: To allow parties previously harmed by cyberattacks to bring suit, Congress should make the new immunity exception retroactive – which is permitted under Supreme Court jurisprudence.[18]  Like the terrorism exception, the cyberattack exception should also include a 10-year statute of limitations, extending back to claims occurring prior to the amendment’s enactment.[19]

Appearance/Default: Foreign states that engage in cyberattacks in the United States can be expected either not to appear at all in United States district court, or to withdraw from the litigation after making an initial appearance.[20]  Discovery is difficult to obtain under such circumstances, and yet the plaintiff still has the burden under section 1608(e) of “establish[ing] his claim or right to relief by evidence satisfactory to the court” prior to entry of default judgment.[21]  That burden is a particularly heavy one in cyberattack cases, especially for a private party who may have limited resources.  As a result, I would propose a new provision that specifically addresses a foreign state’s failure to appear in a cyberattack case:

If any federal law enforcement or intelligence agency certifies that there is probable cause that a foreign state, or an official, employee or official thereof, committed the act described in section * * *, there shall be a rebuttable presumption that the foreign state, or the official, employee or official thereof, has committed the act.  If the foreign state does not appear in the action, that presumption shall be accepted by the district court and shall constitute sufficient evidence to satisfy the requirements of section 1608(e).  If the foreign state appears in the action, the rebuttable presumption shall be rendered ineffective until such time, if any, that the foreign state no longer participates in the litigation.[22]

Damages: Under 28 U.S.C. section 1606, a foreign state sued under the cyberattack exception would “be liable in the same manner and to the same extent as a private individual under like circumstances; but a foreign state except for an agency or instrumentality thereof shall not be liable for punitive damages.”[23]  If the cyberattack exception creates a new cause of action, it should define the types of damages that should be recoverable (like the terrorism exception).[24]  Those damages should include reputational and professional harm caused by the hacking of personal and business e-mail systems.  As with the terrorism exception, Congress should also consider removing foreign sovereigns’ protection against punitive damages for cyberattacks, particularly if an attack causes major damage or disruption in the United States.[25]

Execution/Attachment: Because the FSIA currently provides strong protections against execution and attachment in a case involving a foreign sovereign,[26] it creates a massive disincentive to filing suit in a cyberattack case.  Even if a plaintiff establishes jurisdiction under the tort exception and prevails on the merits, the plaintiff is effectively limited to attaching or executing on “any contractual obligation or any proceeds from such a contractual obligation to indemnify or hold harmless the foreign state or its employees under a policy of automobile or other liability or casualty insurance covering the claim which merged into the judgment.”[27]  Given that foreign states do not (to my knowledge) carry insurance to protect themselves against cyberattack claims, a plaintiff can at best obtain a judgment that cannot be enforced – which is as useless as no judgment at all, especially when the foreign nation involved is a country such as Russia or North Korea.

In light of the foregoing, and in keeping with an analogous provision related to the terrorism exception,[28] Congress should add a new section 1610(a)(8):

The property in the United States of a foreign state. . . used for a commercial activity in the United States, shall not be immune from attachment in aid of execution, or from execution . . . [if] the judgment relates to a claim for which the foreign state is not immune under section 1605C [the cyberattack exception], regardless of whether the property is or was involved with the act upon which the claim is based.

Just as importantly, Congress should make judgments entered against foreign states in cyberattack cases subject to section 1610(g)(1), so that plaintiffs can collect from agencies or instrumentalities of the foreign state – even if such agencies or instrumentalities were not involved in the cyberattack at issue.[29]

Official Immunity: Congress should consider making all of the prior provisions, mutatis mutandis, applicable to foreign officials who order or participate in the cyberattack.  That includes, in particular, the exception to immunity and the punitive damages provision set forth above.  However, given the international law doctrine of head-of-state immunity, Congress should refrain from providing a means to assert jurisdiction over a sitting head of state for such conduct.

Final Thoughts

The FSIA largely renders foreign states immune for cyberattacks against individuals, corporations and institutions located in the United States.  However, given the financial and non-financial harm caused by such attacks, foreign states should be held liable, and should be compelled to provide compensation to those damaged by their actions.  Such a result not only makes sense, but it is also perfectly acceptable under long-established doctrines of foreign sovereign immunity.  And, perhaps most importantly, a new cyberattack exception – if it has real bite – would disincentivize foreign states from engaging in such harmful conduct in the future.

[1] See D. Blumenthal, “How to Win a Cyberwar with China,”
(Feb. 28, 2013) (“Congress could also create a cyberattack exception to the Foreign Sovereign Immunities Act, which currently precludes civil suits against a foreign government or entity acting on its behalf in the cyber-realm. There is precedent: In the case of terrorism, Congress enacted an exception to immunity for states and their agents that sponsor terrorism, allowing individuals to sue them.”).  Mr. Blumenthal’s idea was subsequently repeated, in similar conclusory form, in other sources.  Seee.g., Mazza, Michael.  Statement to the House, Committee on Foreign Affairs.  Cyber Attacks: An Unprecedented Threat to U.S. National Security (Mar. 21, 2013), at 47.

[2] Because I wanted to share this proposal as soon as possible – so that it may be considered and improved upon by others – I cannot claim an exhaustive search of prior sources related to cyberattacks under the FSIA.  However, I have not seen any other attempts to describe what such an exception would look like.  If such a prior proposal exists, I welcome comment from, and discussion with, its author.

[3] See U. Colella, “Foreign governments should be sued for cyberattacks,” Washington Examiner (Feb. 13, 2017).

[4] Scott A. Gilmore, Suing the Surveillance States: The (Cyber) Tort Exception to the Foreign Sovereign Immunities Act, 46 Colum. Hum. Rts. L. Rev. 227 (2015) (hereinafter “Gilmore”).  The article is available online.

[5] Mr. Gilmore underestimates the problem posed by the tort exception’s situs requirement in cyberattack cases.  See Gilmore, supra note 4, at 287, n. 149.  Based upon my experience in many cases, the situs requirement poses a major obstacle to jurisdiction in cross-border tort casesSee also infra, note 7.

[6] See 28 U.S.C. § 1605(a)(5)(A)-(B).  Given the breadth of the misrepresentation exclusion, its effect on computer fraud cases against foreign states remains an open question — particularly since the tort exception’s exclusions, which are based upon similar provisions in the Federal Tort Claims Act (28 U.S.C. §§ 2680(a), (h)), are so ill-defined.  In addition, although Mr. Gilmore may be correct that the discretionary function exclusion does not bar cyberattack claims outright (Gilmore, supra note 4, at 265-274), Mr. Gilmore’s article may not fully appreciate how the discretionary function exclusion can impact specific causes of action or theories of liability.  See, e.g., Doe v. Holy See, 557 F.3d 1066, 1083–85 (9th Cir. 2009).  While the District Court for the District of Columbia recently seemed inclined not to apply the discretionary function exclusion in a cyber case, the discretionary function exclusion is – at a bare minimum – an additional hurdle that complicates any case brought under the tort exception.  See Doe v. Fed. Democratic Republic of Ethiopia, 189 F.Supp.3d 6, 25-28 (D.D.C. 2016). As a result, it provides yet another obstacle to proceeding under the FSIA’s tort exception in a cyberattack case.

[7] Doe, 189 F.Supp.3d at 9; see also id. at 25 (“the Court holds that [plaintiff’s] claim for intrusion upon seclusion is barred by the ‘entire tort’ rule”).

[8] 28 U.S.C. §§ 1609-1611.  As discussed below, Mr. Gilmore’s article does not address this major problem with proceeding under the tort exception.  See infra at note 27.

[9]  Verlinden B.V. v. Cent. Bank of Nigeria, 461 U.S. 480, 486 (1983).

[10] The terrorism exception, 28 U.S.C. § 1605A, is the modern embodiment of this principle.  However, while absolute immunity was the norm pre-1952, even the Schooner Exchange Court recognized that there could be proper restrictions on immunity.  See The Schooner Exch. v. McFaddon, 11 U.S. 116, 123 (1812) (“We may forbid the entrance of [foreign states’] public ships, and punish the breach of this prohibition by forfeiture; nor do we deny the obligation of a foreign sovereign to conform to pre-existing laws, as to offences-and as to the acquisition of property; nor his liability for his private debts and contracts.”) (emphasis added).

[11] For a discussion of recent cyberattacks by foreign states, see Gillmore, supra note 4, at 228-32.  Of course, the problem has only gotten much worse since Mr. Gillmore’s article, and now includes economic and political tampering of a type that was perhaps previously unimaginable. 

[12] See 28 U.S.C. §§ 1605(a)(5) and 1605A(a)(1).

[13] However, to streamline litigation for plaintiffs and defendants alike (as well as serve the principle of uniformity underlying the FSIA), I would strongly urge Congress to apply the federal common law to identify officials, employees and agents, and to define the scope of their office, employment and agency.  The current hodgepodge of State laws creates unnecessary confusion and expense under the existing exceptions; if not addressed, these problems would persist under a new cyberattack exception as well.

[14] See Gilmore, supra note 4, at 244-50.

[15] Doe, 189 F.Supp.3d at 15.

[16] See 28 U.S.C. § 1605A(c).

[17] See, e.g., Verlinden, 461 U.S. at 489 (discussing “the importance of developing a uniform body of law in this area”) (citations and quotations omitted).

[18] Republic of Austria v. Altmann, 541 U.S. 677 (2004).

[19] 28 U.S.C. § 1605A(b).

[20] See, e.g., Calderon-Cardona v. Democratic People’s Republic of Korea, 723 F. Supp. 2d 441, 444 (D.P.R. 2010) (non-appearance by North Korea in FSIA action); Agudas Chasidei Chabad of U.S. v. Russian Fed’n, 729 F. Supp. 2d 141, 144 (D.D.C. 2010) (after participation in the litigation for years, Russia filing a “Statement with Respect to Further Participation [71] which informed th[e] Court that defendants ‘decline[d] to participate further in this litigation’ and ‘believe[d] this Court has no authority to enter Orders with respect to the property owned by the Russian Federation and in its possession, and the Russian Federation will not consider any such Orders to be binding on it’”).

[21] 28 U.S.C. § 1608(e).

[22] If such a provision were adopted, there would need to be a mechanism for certification by federal law enforcement or intelligence agencies.

[23] 28 U.S.C. § 1606.

[24] See 28 U.S.C. § 1605A(c)-(d) (“(c) . . . In any such action, damages may include economic damages, solatium, pain and suffering, and punitive damages. In any such action, a foreign state shall be vicariously liable for the acts of its officials, employees, or agents.  (d) Additional damages.–After an action has been brought under subsection (c), actions may also be brought for reasonably foreseeable property loss, whether insured or uninsured, third party liability, and loss claims under life and property insurance policies, by reason of the same acts on which the action under subsection (c) is based.”).

[25] Not only is there recent precedent for lifting the punitive damages bar (28 U.S.C. § 1605A(c)), but the bar was always on precarious footing with respect to international law.  Cf. H.R. Rep. No. 94-1487 (1976), at 22, citing, inter alia, 5 Hackwork, Digest of International Law, 723-26 (1943) (“Under current international practice, punitive damages are usually not assessed against foreign states.”) (emphasis added).  Hackworth’s treatise, cited in the FSIA’s legislative history, stated the following:

[T]he refusal of international tribunals to assess punitive, vindictive, or exemplary damages, as such, against respondent governments may be explained in part by the absence of malice, or mala mens, on the part of the government of the respondent state.

5 Hackworth, Digest of International Law 723-26 (1943).  It is unclear whether a foreign state lacks “malice” in a cyberattack case, especially where the attack is significant and is intended to disrupt core economic or political activities in the other nation.

[26] See 28 U.S.C. §§ 1609-1611.

[27] 28 U.S.C. § 1610(a)(5).  The plaintiff in a cyberattack case proceeding under the tort exception will be limited to section 1610(a)(5), because the plaintiff likely would not be able to show that the foreign state has waived immunity (§ 1610(a)(1)), that “the property is or was used for the commercial activity upon which the claim is based” (§ 1610(a)(2)), that “the execution relates to a judgment establishing rights in property which has been taken in violation of international law or which has been exchanged for property taken in violation of international law” (§ 1610(a)(3)), that “the execution relates to a judgment establishing rights in property . . . which is acquired by succession or gift, or . . . which is immovable and situated in the United States” (§ 1610(a)(4)), that “the judgment is based on an order confirming an arbitral award rendered against the foreign state, provided that attachment in aid of execution, or execution, would not be inconsistent with any provision in the arbitral agreement” (§ 1610(a)(6)), or that “ the judgment relates to a claim for which the foreign state is not immune under section 1605A or section § 1605(a)(7) (as such section was in effect on January 27, 2008), regardless of whether the property is or was involved with the act upon which the claim is based” (§ 1610(a)(7)).  In his article, Mr. Gilmore does not address the difficulties caused by the FSIA’s attachment and execution provisions with respect to any cyberattack claim proceeding under the tort exception.  Gilmore, supra note 4, passim.  

[28] 28 U.S.C. § 1610(a)(7).

[29] The terrorism exception’s section 1610(g)(1), which was intended to remove the presumption of separate juridical status set forth in First Nat. City Bank v. Banco Para el Comercio Exterior de Cuba (“Bancec”), 462 U.S. 611 (1983), states the following in relevant part:

[T]he property of a foreign state against which a judgment is entered under section 1605A, and the property of an agency or instrumentality of such a state, including property that is a separate juridical entity or is an interest held directly or indirectly in a separate juridical entity, is subject to attachment in aid of execution, and execution, upon that judgment as provided in this section, regardless of–(A) the level of economic control over the property by the government of the foreign state;(B) whether the profits of the property go to that government;(C) the degree to which officials of that government manage the property or otherwise control its daily affairs;(D) whether that government is the sole beneficiary in interest of the property; or(E) whether establishing the property as a separate entity would entitle the foreign state to benefits in United States courts while avoiding its obligations.

28 U.S.C.A. § 1610.  Section 1610(g)(1) could be easily amended to over both terrorism cases (§ 1605A) and cyberattack cases (proposed § 1605C).

The Tort Exception’s Situs Requirement

The FSIA’s tort exception requires an action “in which money damages are sought against a foreign state for personal injury or death, or damage to or loss of property, occurring in the United States . . . .”  28 U.S.C. § 1605(a)(5).  As exemplified by a recent decision from the United States District Court for the District of Puerto Rico, courts have long held that jurisdiction lies under the tort exception only if the entire tort occurred within the United States.  See Fernandez v. Spain, CIV. 13-1911 PG, 2014 WL 1807069, at *2 (D.P.R. May 7, 2014); see also, e.g., Argentine Republic v. Amerada Hess Shipping Corp., 488 U.S. 428, 441 (1989); In re Terrorist Attacks on September 11, 2001, 714 F.3d 109, 116 (2d Cir. 2013); O’Bryan v. Holy See, 556 F.3d 361, 382 (6th Cir. 2009); Cabiri v. Gov’t of Republic of Ghana, 165 F.3d 193, 200 n.3 (2d Cir. 1999); Wolf v. Fed. Republic of Germany,95 F.3d 536, 542 (7th Cir. 1996); Jones v. Petty-Ray Geophysical Geosource, Inc., 954 F.2d 1061, 1065 (5th Cir. 1992); Asociacion de Reclamantes v. United Mexican States, 735 F.2d 1517, 1524-25 (D.C. Cir. 1984); Abrams v. Societe Nationale des Chemins de Fer Francais, 175 F. Supp. 2d 423, 431 (E.D.N.Y. 2001), vacated on other grounds by 332 F.3d 173 (2d Cir. 2003), cert. granted and vacated, 542 U.S. 901 (2004), aff’d 389 F.3d 61 (2d Cir. 2004); Sampson v. Fed. Republic of Germany, 975 F. Supp. 1108, 1118 (N.D. Ill. 1997); S. Seafood Co. v. Holt Cargo Sys., Inc., No. Civ.A.96-5217, 1997 WL 539763, at *7 (E.D. Pa. Aug. 11, 1997); Cabiri v. Gov’t of Republic of Ghana, 981 F. Supp. 129, 132 (E.D.N.Y. 1997), aff’d in part and rev’d on other grounds in 165 F.3d 193 (2d Cir. 1999); Hirsh v. State of Israel, 962 F. Supp. 377, 383-84 (S.D.N.Y. 1997); Rein v. Rein, No. 95 Civ. 4030 (SHS), 1996 WL 273993, at *3 (S.D.N.Y. May 23, 1996); Coleman v. Alcolac, Inc., 888 F. Supp. 1388, 1403 (S.D. Tex. 1995); Smith v. Socialist People’s Libyan Arab Jamahiriya, 886 F. Supp. 306, 313 (E.D.N.Y. 1995); El-Fadl v. Cent. Bank of Jordan, No. Civ.A. 93-1895 RMU, 1994 WL 1656111, at *4 (D.D.C. Nov. 9, 1994); Velasquez v. Gen. Consulate of Mexico, No. C-92-3745 CFL, 1993 WL 69493, at *3 (N.D. Cal. Mar. 4, 1993); Intercont’l Dictionary Series v. De Gruyter, 822 F. Supp. 662, 677 (C.D. Cal. 1993), disapproved on other grounds in Sun v. Taiwan, 201 F.3d 110 (9th Cir. 2000); Denegri v. Republic of Chile, Civ. A. No. 86-3085, 1992 WL 91914, at *2 (D.D.C. Apr. 6, 1992); Antares Aircraft L.P. v. Fed. Republic of Nigeria, No. 89 Civ. 6513(JSM), 1991 WL 29287, at *4 (S.D.N.Y. Mar. 1, 1991); Polanco v. Dominican Republic, No. 90 Civ. 7089 (WK),1991 WL 146306, at *2 (S.D.N.Y. July 22, 1991); Fickling v. Commw. of Australia, 775 F. Supp. 66, 72 (E.D.N.Y. 1991); Von Dardel v. Union of Soviet Socialist Republics, 736 F. Supp. 1, 7-8 (D.D.C. 1990); Goquiolay v. Philippines Nat’l Bank, No. 90 CIV. 893 (CSH), 1990 WL 144118, at *3 (S.D.N.Y. Sept. 28, 1990); Bennett v. Stephens, CIV. A. No. 88-2610 (RCL), 1989 WL 17751, at *4 (D.D.C. Feb. 23, 1989); Kline v. Kaneko, 685 F. Supp. 386, 391 (S.D.N.Y. 1988); Four Corners Helicopters, Inc. v. Turbomeca S.A., 677 F. Supp. 1096, 1102 (D. Colo. 1988); English v. Thorne, 676 F. Supp. 761, 764 (S.D. Miss. 1987); Ledgerwood v. State of Iran, 617 F. Supp. 311, 314 (D.D.C. 1985); Kline v. Republic of El Salvador, 603 F. Supp. 1313, 1315-16 (D.D.C. 1985); Evans v. Petroleo, Civil Action No. H-83-91, 1984 WL 1887, at *1 (S.D. Tex. Aug. 2, 1984); In re Sedco, Inc., 543 F. Supp. 561, 567 (S.D. Tex. 1982); cf. H.R. Rep. No. 1487, at 21 (1976).

The tort exception’s situs requirement is a critical limitation on jurisdiction over foreign torts under the FSIA.  In light of the recognized importance of such limitations in international law (cf. Kiobel v. Royal Dutch Petroleum Co., — U.S. —, 133 S. Ct. 1659, 1669 (2013)), it should continue to be strongly enforced by courts in the United States.

Injunctive Relief and the FSIA’s Tort Exception

There has been a lot of recent attention to the issue of whether injunctions are permitted under the FSIA.  See, e.g., NML Capital, Ltd. v. Republic of Argentina, 699 F.3d 246, 262-63 (2d Cir. 2012) cert. denied, 134 S. Ct. 201 (U.S. 2013).  However, one issue that has not been widely discussed is the possibility of injunctive relief in a lawsuit proceeding under the FSIA’s tort exception.  Using Federal Tort Claims Act (“FTCA”) precedent, a foreign sovereign has a strong basis for arguing that injunctive relief is impermissible under 28 U.S.C. section 1605(a)(5).

The FSIA’s tort exception was modeled on the waiver of immunity contained in the FTCA.  Compare 28 U.S.C. § 1605(a)(5) with 28 U.S.C. § 1346(b)(1); see also, e.g., De Sanchez v. Banco Central de Nicaragua, 770 F.2d 1385, 1398 (5th Cir. 1985).  Similar to the FTCA’s immunity waiver, the tort exception is limited to cases “in which money damages are sought against a foreign state.”  28 U.S.C. § 1605(a)(5) (emphasis added).  Courts have repeatedly held that analogous language in the FTCA precludes injunctive relief.  See Kaskaskia River/Marina Campgrounds, Inc. v. United States, 07-CV-0166-MJR, 2008 WL 4594979, at *2 (S.D. Ill. Oct. 15, 2008) (“The explicit terms of the FTCA only provide for money damages. . . . Given the plain meaning of the statute, it is clear that this Court lacks subject matter jurisdiction to award any relief other than money damages.”); see also Moher v. United States, 875 F. Supp. 2d 739, 755 (W.D. Mich. 2012) (collecting cases).  Accordingly, applying FTCA precedent to cases under the FSIA’s tort exception, section 1605(a)(5) does not confer subject matter jurisdiction over claims seeking injunctive relief against foreign sovereigns.

Litigation Comment: The FSIA’s Misrepresentation Exclusion

In a recent decision, the United States District Court for the Southern District of New York held that a claim for fraudulent conveyance met the requirements of the FSIA’s tort exception, 28 U.S.C. section 1605(a)(5).  See Peterson v. Islamic Republic of Iran, 10 CIV. 4518 KBF, 2013 WL 5538652, at *3 (S.D.N.Y. Oct. 8, 2013).  The ruling highlights the need for courts to consider the tort exception’s misrepresentation exclusion, 28 U.S.C. section 1605(a)(5)(B), with respect to any alleged claim arguably arising out of misrepresentation or deceit.

There is not much FSIA case law relating to the misrepresentation exclusion.  However, there is a great deal of authority under the Federal Tort Claims Act’s misrepresentation exclusion, 28 U.S.C. section 2680(h).  Since the FSIA’s misrepresentation exclusion was based upon section 2680(h), De Sanchez v. Banco Central de Nicaragua, 770 F.2d 1385, 1398 (5th Cir. 1985), defense counsel in FSIA cases must be familiar with the relevant FTCA precedent.

Although the case law cannot be adequately summarized here, there are several key issues to keep in mind:

•          The exclusion for actions based on misrepresentation or deceit “is broadly construed.”  Maryland Cas. Co. v. United States, No. C 05-02558 JSW, 2006 WL 563046, at *9 (N.D. Cal. Mar. 6, 2006).

•          The misrepresentation exclusion “encompasses claims arising out of negligent, as well as willful, misrepresentation.”  Janowsky v. United States, 913 F.2d 393, 396 (7th Cir. 1990).

•           The exclusion “bars not only claims of negligence in the misrepresentation, but in the conduct underlying the misrepresentation.”  Dorking Genetics v. United States, 76 F.3d 1261, 1264 (2d Cir. 1996).

•          The exclusion applies irrespective of whether the allegations are based upon affirmative misrepresentations or omissions.  JBP Acquisitions LP v. United States ex rel. FDIC, 224 F.3d 1260, 1266 (11th Cir. 2000).

•           The term “misrepresentation” is “broad enough to reach all types of claims for misrepresentation, whether those claims seek recovery for commercial injury, physical injury, or emotional injury.”  Najbar v. United States, 723 F. Supp. 2d 1132, 1137 (D. Minn. 2010), aff’d, 649 F.3d 868 (8th Cir. 2011).

•          In determining whether a plaintiff’s claims are barred by the misrepresentation exclusion, courts must look to the “gravamen” of the claim.  Deloria v. Veterans Admin., 927 F.2d 1009, 1012-13 (7th Cir. 1991).

“[T]he essence of an action for misrepresentation, whether negligent or intentional, is the communication of misinformation on which the recipient relies.”  Block v. Neal, 460 U.S. 289, 296 (1983).

It is not clear how the plaintiff’s fraudulent conveyance claim in the Peterson case – which is now on appeal – would fare under this analysis, though at least one court has found such claims to run afoul of the FTCA’s misrepresentation exclusion.  Yagman v. Whittlesey, 2:12-CV-08413-SVW-CW, 2012 WL 5831169, at *3 (C.D. Cal. Nov. 2, 2012).  The Peterson case nevertheless serves as a reminder that the misrepresentation exclusion should be fully litigated in FSIA cases, since it is an area with significant promise for foreign sovereign defendants.