law

10 Jun Patterson Belknap Partner Craig Newman Interview With Michael Daugherty

FTC & Data Privacy: An Interview with LabMD CEO Michael Daugherty

Screen Shot 2016-06-10 at 8.02.37 AM

Click to view video

The Federal Trade Commission is expected to issue a ruling later this month in the LabMD case, a closely watched data security case that focuses on the scope and reach of Section 5 of the FTC Act. In November 2015, an Administrative Law Judge concluded — after a full trial on the merits — that the Commission failed to prove its case against LabMD. The matter has been appealed to the full Commission. Patterson Belknap partner Craig Newman sat down with LabMD CEO Michael Daugherty to discuss the appeal and its implications.

Read More

19 Mar Exclusive: DOJ probes allegations that Tiversa lied to FTC about data breaches

Things are finally starting to break through. This is the tip of the iceberg. Stay tuned.

Originally posted Thursday March 17th on Reuters

Federal agents are investigating whether cyber-security firm Tiversa gave the government falsified information about data breaches at companies that declined to purchase its data protection services, according to three people with direct knowledge of the inquiry.

The Federal Bureau of Investigation raided Tiversa’s Pittsburgh headquarters in early March and seized documents, the people said.

The Justice Department’s criminal investigation of Tiversa began after Richard Wallace, a former Tiversa employee, alleged in a 2015 Federal Trade Commission hearing that the cybersecurity firm gave the agency doctored evidence purporting to prove corporate data breaches, the people said.

Wallace testified that Tiversa falsified information to make it appear that sensitive data was being accessed by users across the country.
(more…)

Read More

10 Feb TechFreedom to FTC: If You Can’t Prove Likely Injury, You Can’t Penalize Security Practices

WASHINGTON, DC — On Friday, TechFreedom urged the Federal Trade Commissioners (FTC) not to reverse the dismissal of a lawsuit brought by FTC staff against LabMD, a small cancer testing lab that went out of business under the weight of the lawsuit, but has continued to challenge the FTC’s approach to data security with pro bono representation. In an Amicus Curiae brief, TechFreedom argues that the FTC must not ignore the most important limit that Congress has placed on the FTC’s sweeping power to prohibit business practices: that a practice must “causes or is likely to cause substantial injury.”

(more…)

Read More

16 Dec Michael Daugherty of LabMD is officially the only challenge facing the FTC as it sets (or at least enforces) cybersecurity requirements for American business

Reblogged from Lawfare

Michael Vatis tells us that Michael Daugherty of LabMD is officially the only challenge facing the FTC as it sets (or at least enforces) cybersecurity requirements for American business. That’s because Wyndham Hotels has officially given up the ghost, agreeing to twenty years of privacy and security monitoring by the FTC…..

….The podcast will be on hiatus over the holidays, but we won’t completely abandon you. While I was at a BlackHat Executive conference last week, I had a chance to do a short interview of Mike Daugherty about his LabMD experience, and we’ll be releasing that as a special bonus edition of the podcast over the Christmas break. (We’re holding it because I’ve offered the FTC a chance for equal time.  But we’ll be releasing the interview next week in any event, with or without the FTC’s input.)

Listen to the podcast here

Read More

03 Dec CDT Tech Talk – Limewire, LabMD & the FTC

 

Host Brian Wesolowski sits down with Michael Daugherty to discuss in-depth his recent court win against the Federal Trade Commission, how the long-term experience turned into his recent book “The Devil Inside The Beltway,” and more. The issue at hand raises questions about the agency’s ability to protect consumers against risky business practices that have not yet led to actual harm.

Read More

28 Nov FTC loses cybersecurity case against medical lab

Reblogged from here

The Federal Trade Commission routinely holds companies responsible for data breaches that expose consumers’ private data to intruders. But the commission’s recent loss in the case of LabMD raises questions about its ability to prevail in other consumer cybersecurity cases.

The agency had sought to hold the medical testing lab responsible for a data breach that exposed the records of 9,000 patients. But LabMD fought back, refusing to sign a consent order and arguing that there was no proof any consumer had suffered any actual harm as a result of the breach.

Late last week, FTC Chief Administrative Law Judge Michael Chappell agreed and dismissed the commission’s complaint.

“FTC spent millions of taxpayer dollars to pursue its baseless case against LabMD, an innovative and successful provider of cancer diagnostics,” said Daniel Epstein of Cause of Action Institute, which defended LabMD. “Although FTC’s ostensible justification for this boondoggle was ‘data security,’ it produced no evidence that even a single patient was harmed by LabMD’s alleged inadequacies.”

(more…)

Read More

25 Nov LabMD CEO Speaks About FTC Legal Battle

Michael was interviewed, drop by the post and listen to the interview here

After seven contentious years, LabMD won a major victory in its legal battle with the Federal Trade Commission. But CEO Michael Daugherty says his recent triumph could be short-lived, and he’s hoping – long term – that he case shines a new light on FTC’s data security enforcement practices.

(more…)

Read More

23 Nov What are they saying about Michael and LabMD’s win?

Here’s a selection of quotes from Michael and LabMD’s win against the FTC.

Enjoy!

 

Screen Shot 2015-11-23 at 10.00.23 AMThe Wall Street Journal: “The Federal Trade Commission’s Data-Security Enforcement Efforts Have Received A Setback—At The Hands Of The Commission’s Own In-House Judge. Administrative Law Judge D. Michael Chappell late Friday dismissed a long-running and sometimes bitter case involving LabMD, a former medical testing  company the FTC accused of failing to provide reasonable or appropriate cybersecurity protections for patient data.”(Brent Kendall, “Federal Trade Commission Loses Data Security Ruling,” http://blogs.wsj.com/law/2015/11/16/federal-trade-commission-loses-data-security-ruling/tab/print/)

 

 

Screen Shot 2015-11-23 at 10.23.03 AM“In A Data Security Enforcement Action That Some Have Characterized As A Modern Version Of David Vs. Goliath, David Won Today, And The FTC Lost.It was an enforcement action that the FTC never should have commenced, as I’ve argued repeatedly, and today’s loss may actually make future enforcement actions more difficult for them as the standard for demonstrating likelihood of substantial injury has now been addressed in this ruling.”(Dissent, “FTC V. LabMD Ruling Issued: FTC Loses Data Security Enforcement Case,”Databreaches.Net, 11/13/15)

 

(more…)

Read More