Cybersecurity firm NortonLifeLock became the latest company to be hit with a shareholder derivative lawsuit alleging that, despite company statements about its  commitment to diversity and inclusion, the company’s board and senior management lacks racial diversity. The NortonLifeLock lawsuit follows after substantially similar lawsuits – filed by the same law firm – were previously filed against Oracle (about which refer here), Facebook (here), and Qualcomm (here). A copy of the August 5, 2020 lawsuit against NortonLifeLock’s board can be found here.


The NortonLifeLock Lawsuit

On August 5, 2020, a company shareholder filed a shareholder derivative lawsuit in the Northern District of California against the board of directors of NortonLifeLock, as well as against the company as nominal defendant.  NortonLifeLock previously was known as Symantec; it changed its named in 2019 after a series of corporate transactions that spun off other operating businesses. The complaint asserts claims against the board for breach of fiduciary duty; aiding and abetting breach of fiduciary duty; abuse of control; unjust enrichment; and violation of Section 14(a) of the Securities Exchange Act of 1934.


The complaint alleges that despite the company’s statements “that it is committed to diversity and inclusion, NortonLifeLock has failed to create and diversity at the very top of the Company – the Board of Directors.” The complaint alleges that the company does not have an African American on its board. The complaint alleges that the one Asian on the company’s board “was not appointed to increase diversity, but instead because his employer, Silver Lake, invested in the Company.” The complaint also alleges that there are no African Americans among the company’s senior executives and that the company’s Chief People & Culture Office is white.


The complaint alleges that despite the company’s statements about its commitment to diversity, the company “has made no real efforts to promote diversity on its Board and among its senior executives,” even though the company has been called out in the business press for the lack of racial diversity on its board.


The complaint alleges that the company’s directors have “deceived stockholders and the market by claiming to have concrete and specific inclusion and diversity programs that are measurable and produce actionable tasks.” In doing so, the complaint alleges, the directors “have breached their duty of candor and have also violated the federal securities laws.” Their conduct has also “irreparably harmed NortonLifeLock.”


The complaint also alleges that the defendants’ conduct “constitutes bad faith and disloyal acts, giving rise to claims that fall outside the scope of the business judgment rule and outside permissible indemnification by NortonLifeLock.” The complaint alleges further that as a result “all members of the Board face a substantial likelihood of liability and any demand on them to bring this case would be a futile and useless act.”


The complaint seeks a number of different remedies, including a requirement that the Chief People and Culture Officer should immediately “create a substantive plan for diversity and inclusion” for the board, senior management, and throughout the company; that at least one board member should resign in advance of the company’s upcoming September 8, 2020 annual meeting, and a Black person to be nominated at that time, with an additional person of color to be nominated prior to the 2021 annual meeting; that all directors should return their 2020 compensation; that the company should agree to adopt an annual diversity report; that the company should create a $500 million fund to hire blacks and minorities to management positions, and to establish and maintain a mentorship program for minorities; that the company should require annual diversity training for the board; and that the company should set five year hiring goals for blacks and minorities, with executive compensation tied in part to the company’ success in meeting the goals.



The allegations against NortonLifeLock’s board are virtually identical to the allegations raised in the lawsuits previously filed against Oracle, Facebook, and Qualcomm. Indeed, some of the text in the NortonLifeLock complaint is literally identical to the text of the prior complaints. The similarity arguably is unsurprising, as the same lawyer filed all four of the complaints. In each case, the complaints allege that the company’s boards lack any African American directors.


The complaint against the NortonLifeLock’s board does not mention the current racial justice movement. It does not mention Black Lives Matter. However, the complaint, and in particular, the timing of the filing of the complaint, obviously are linked to the recent protests and demonstrations.


As I noted in connection with the filing of the prior lawsuits, the filing of this lawsuit does show how the current racial justice movement in the U.S. not only has important implications for the social and political context for businesses in this country, but also creates dynamics – including the threat of litigation—that put pressure on business to reexamine past practices. In particular, the racial justice movement does shine a harsh light on the absence of African Americans on the boards of many companies and does put pressure on companies to increase board diversity, in ways that may not have existed in the past.


It does seem worth emphasizing that all four of these lawsuits have been filed by the same lawyer, who, it should be noted, is white, but who nevertheless seems to be waging a one man war against companies lacking African Americans on their boards. So far at least he as targeted West Coast technology companies. NortonLifeLock is the first company targeted that does not have its headquarters in California, but in fact the company only recently relocated its headquarters to Arizona from its prior location in Silicon Valley.


It seems likely that other companies will be sued as well. The complaint itself reference a recent Newsweek article that identified the 20 largest U.S. companies without a black person on the board. Qualcomm and Oracle were on the list, but Facebook and NortonLifeLock were not. In other words, there are a lot of companies that could get hit with one of these board diversity lawsuits.


Even though this rash of lawsuits is the handiwork of a single lawyer self-appointed to carry out this mission, these board diversity lawsuits arguably represent one of this year’s most important D&O liability trend, particularly in the context of the current racial justice movement. I suspect we will see more of these types of lawsuits in the weeks and months ahead.