Pension & Benefits News Recordkeeper's use of personal data of 401(k) plan participants to market non-plan products did not subject it to fiduciary liability
Friday, July 23, 2021

Recordkeeper's use of personal data of 401(k) plan participants to market non-plan products did not subject it to fiduciary liability

By Pension and Benefits Editorial Staff

The use by a 401(k) plan recordkeeper of confidential participant data to market non-plan financial products offered by affiliates of the recordkeeper to plan participants did not subject it to liability as an ERISA fiduciary, according to a federal trial court in Texas. Participant data, such as Social Security numbers, income, investment history, and account balances, are not plan assets under ERISA, the court explained.

Sharing of participant data by recordkeeper. Shell Oil sponsors a 401(k) plan for its employees. Fidelity Investments Institutional Operations Company (FIIOC) performs recordkeeping functions for the plan. In its role as recordkeeper, FIIOC maintains information about participants, including their names, contact information, Social Security numbers, financial information, investment history, identity of their investments, account balances, investment contribution amounts, age, income, marital status, call-center notes, and information regarding “triggering events,” such as when a plan participant is nearing retirement. It is alleged that FIIOC further uploads the participant data into a customer interaction software program that is shared with various Fidelity affiliates, who then use the data to solicit the purchase of non-plan retail financial products and services (e.g., IRAs, credit cards, and managed accounts) via multiple platforms, such as phone calls, in-person meetings, and emails.

Plan participants, individually and as a class, brought suit, charging that FIOCC breached its fiduciary duty by sharing participant data with its affiliates for the purpose of benefiting Fidelity and not for the exclusive purpose of providing benefits to plan participants and beneficiaries. The gravamen of the participants' complaint was the assertion that the participant data were plan assets over which FIOCC exercised control, subjecting it to fiduciary liability.

Participant data are not plan assets. In determining whether the participant data allegedly marketed by FIOCC were plan assets, the court looked to ERISA and the governing rules under ERISA Reg. 2510.3-101. The governing rules describe plan assets as including investments but, the court noted, do not “expressly or by any plain-language interpretation” include participant data as plan assets under ERISA.

In addition, the court stressed that no other courts have treated participant data as plan assets. The court relied heavily on Divane v. Northwestern University, in which a federal trial court in Illinois explained that, in considering what constitutes a plan asset, courts consider ordinary notions of property rights under non-ERISA law (DC IL (2018) No. 16 C 815, aff'd, CA-7 (2020), 953 F.3d). The Divane court acknowledged that confidential participant information “has some value,” but could not conclude that it is a plan asset under ordinary notions of property rights.

The court in the instant case found no reason to depart from the pervasive judicial view that participant data are not plan assets. Accordingly, the use of the data did not subject the recordkeeper to fiduciary liability and the participants' fiduciary breach claim was dismissed.

Source: Harmon v. Shell Oil Company (DC TX).

Back to Top

Interested in submitting an article?

Submit your information to us today!

Learn More