21 Dec An Intriguing Story on LabMD
Reblogged from InsureTrust
In Parts 1 and 2 of this series, we’ve chronicled the fight between LabMD and the Federal Trade Commission (FTC), a large Federal agency charged with protecting consumers from unfair practices. In this article, we examine a recent FTC decision and a subsequent holding by the U.S. 11th Circuit Court of Appeals for additional facets of the story.
Eventually, LabMD decided to stop being cooperative with the FTC and to fight back. And fight they did: Various lawsuits were filed challenging the FTC’s authority to come after LabMD. Though the company lost, they were able to slow the FTC down to the extent it was necessary to deal with LabMD’s counter-punches. (Since 2013, LabMD’s defense has been handled pro-bono.)
The FTC’s action began in 2013 with the filing of its formal complaint against LabMD through its administrative dispute process. Then, in 2014, a Tiversa whistle-blower called LabMD’s president to say that none of the data had ever gone beyond Tiversa. The FTC proceeding was delayed while the whistle-blower sought, and eventually obtained, immunity from the DOJ. In the meantime, Rep. Issa’s committee Staff Report was embargoed until the conclusion of the whistle-blower’s testimony. The Staff Report was clearly critical of the FTC. Ultimately, the FTC administrative law judge held for LabMD and against the FTC. The FTC appealed to the full three-member commission.
The full commission of the FTC ruled this summer that the administrative law judge was wrong, and reversed the decision. The full commission decision runs some 37 pages. In it, the commission imposes data security and regular reporting requirements on LabMD (and the use of a third-party assessor engaged by LabMD.) At least in part, the FTC tips its hand as to what it considers reasonable data security management practices to be. The costs of these FTC requirements are, according to the recent 11th Circuit ruling, hotly disputed. But they are certainly not zero.
LabMD isn’t done with the FTC yet, according to the Bloomberg article. Daugherty says that he had to lose before the full Commission (which has just occurred) in order to sue the FTC in federal court, outside the agency’s administrative arena. The Bloomberg article quotes Daugherty as saying that “I am basically opening the playbook to the world, which is what I ultimately want to do. We’re going to have a fair fight.”
That seems to be what has begun to happen. This is a complex multi-year situation with much litigation over many claims. But the “big picture” issue which should be of paramount interest to everyone is the heavy-handed action of the FTC against a small business. Apparently, the FTC views a business with the unmitigated audacity to challenge the FTC’s authority as a major threat. Their actions (described in the Bloomberg article and in a prior blog post) when they began their enforcement show that to be the case – very unambiguously.
The 11th Circuit was certainly not deferential to the FTC in its recent decision. Based on the language in the recent ruling staying the enforcement of the FTC’s full-commission order, it seems there is a solid chance the Court will look deeply (and critically) into the FTC’s actions, as well as the agency’s asserted grounds for its authority to take those actions.
This is indeed a cautionary tale about how the Federal government can destroy a company in an enforcement action, and it is a story which is not over yet – despite the destruction of LabMD as a going concern. But there may already be potentially important lessons to be learned. The details of the FTC’s decision are the subject of the next article, in an attempt to glean some guidance as to what its stated expectations of a small business are.
*AN IMPORTANT NOTE: The facts as summarized in this article are all according to published reports, and this article is only a synthesis of published reports on the subject. There is ongoing litigation, and each side contests the other’s position. This article is based in large part on Dune Lawrence’s detailed article “A Leak Wounded this Company. Fighting the Feds Finished It Off” in the April 25, 2016, issue of Bloomberg Businessweek.