Blog

25 Nov Kirkus Review

So happy to share my Kirkus Review!

 

TITLE INFORMATION

THE DEVIL INSIDE THE BELTWAY

The Shocking Exposé of the US Government’s Surveillance and Overreach into Cybersecurity, Medicine and Small Business Daugherty, Michael J. Broadland Press (504 pp.)

$29.95 hardcover, $19.95 paperback, $9.99 e-book ISBN: 978-0985742201; September 17, 2013

BOOK REVIEW

Small-business owner Daugherty, in his debut, recounts how he uncovered shady practices going on behind closed government doors.

In May 2008, several years before government surveillance became an explosive issue in America, everything was going well at an Atlanta cancer-detection facility that the author started 12 years before. Then he received a call from someone at a data security firm who claimed to have his patients’ confidential medical data. What initially seemed like extortion turned out to be part of an investigation by the Federal Trade Commission—and Daugherty began to realize that there were forces at work beyond his control. Using emails, letters, cited sources, extensive research and data, the author explains how he eventually uncovered a relationship between the FTC and various private security firms, who, instead of trying to stop malware that preys on private information, instead attack small businesses—the malware’s victims—for security failures. Daugherty’s story is harrowing and hard to ignore: Orwellian in its exploration of government overreach and lawyer doublespeak and Kafkaesque in its nightmarish depiction of innocent citizens falsely accused. Daugherty has clearly done his research, and he skillfully explains the political processes that he believes lie at the heart of the FTC’s questionable practices. At times, the book reads like an engaging thriller, but it also drags at points and, overall, may be too long for its own good. Some readers may wish that the author were less concerned with minutiae, or eased up on some of the more hard-line anti-establishment rhetoric; if the book were tighter and more streamlined, it might have been far greater. That said, as it stands, it’s an effective and frightening cautionary tale.

A true story of a businessman’s struggle in the digital information age.

Read More
Michael Daugherty at the Chris Evert Tennis Classic

04 Oct Michael J. Daugherty to Participate in 2013 Chris Evert Celebrity Pro-Am

Come join Michael at the Chris Evert Celebrity Tennis Classic hosted at the Delray Beach Tennis Center and Boca Raton Resort and Club in Delray, Flordia this year! The Pro-Am boasts an all-star roster that includes: Chris Evert, Kristin Chenoweth, John Lovitz, Alan Thicke, Gavin Rossdale, Scott Foley and many more. All proceeds go to charity to help drug and child abuse in Florida.

The event takes place November 15 – 17, 2013. For more information, please visit www.chrisevert.org

If you enjoyed reading this article, sign up for my newsletter and follow me on:

Facebook |  Twitter  |   Google+  |  Pinterest  |   LinkedIn

The Devil Inside the Beltway can be purchased:

Amazon  |   Kobo  |   B&N   

Read More

30 Sep Dissenting Statement of Commissioner J. Thomas Rosch

Quote from Petitions of LabMD

I generally agree with Commissioner Brill’s decision to enforce the document requests and interrogatories, and to allow investigational hearings to proceed. As she has concluded, further discovery may establish that there is indeed reason to believe there is Section 5 liability regarding petitioners’ security failings independent of the “1,718 File” (the 1,718 page spreadsheet containing sensitive personally identifiable information regarding approximately 9,000 patients) that was originally discovered through the efforts of Dartmouth Professor M. Eric Johnson and Tiversa, Inc. In my view, however, as a matter of prosecutorial discretion under the unique circumstances posed by this investigation, the CIDs should be limited. Accordingly, without reaching the merits of petitioners’ legal claims, I do not agree that staff should further inquire – either by document request, interrogatory, or investigational hearing – about the 1,718 File. Specifically, I am concerned that Tiversa is more than an ordinary witness, informant, or “whistle-blower.” It is a commercial entity that has a financial interest in intentionally exposing and capturing sensitive files on computer networks, and a business model of offering its services to help organizations protect against similar infiltrations. Indeed, in the instant matter, an argument has been raised that Tiversa used its robust, patented peer-to-peer monitoring technology to retrieve the 1,718 File, and then repeatedly solicited LabMD, offering – 2 – investigative and remediation services regarding the breach, long before Commission staff contacted LabMD. In my view, while there appears to be nothing per se unlawful about this evidence, the Commission should avoid even the appearance of bias or impropriety by not relying on such evidence or information in this investigation.

Read More

18 Sep Critics tell FTC to back off on data security complaints

 

The agency has no specific data security rules and operates from a vague statute, critics say

The FTC should back away from authority it says it has under a vague section of law that doesn’t mention data security, said the critics, including Mike Daugherty, CEO of Atlanta diagnostic lab LabMD, which is fighting an FTC complaint.

The agency should instead seek specific authority to enforce data security rules from the U.S. Congress and should define what data security standards it expects from companies, instead of seeking sanctions on a case-by-case basis, said speakers during a discussion on FTC authoritysponsored by TechFreedom, an antiregulation think tank, and Cause of Action, a government watchdog group defending LabMD.

The FTC’s complaint against the small lab wasn’t based on established rules that agency officials could point to, Daugherty said.

The FTC, instead of looking for real consumer harm, seems to be saying, “We’re going to take one victim and going to hold them accountable,” said Gerry Stegmeier, a privacy and data security lawyer.

 

Find more of the story here.

If you enjoyed reading this article, sign up for my newsletter and follow me on:

Facebook |  Twitter  |   Google+  |  Pinterest  |   LinkedIn

The Devil Inside the Beltway can be purchased:

Amazon  |   Kobo  |   B&N   

Read More

17 Sep Meet Michael Daugherty in Las Vegas September 18th

Network Security 2013 come meet Michael Daugherty and hear about his story.

InfoSec Vertigo: Small Medical Lab Wages War Against InfoSec Vendor, US Government, and Big DC Law Firm

  • Benjamin Wright and Michael Daugherty, President of LabMD
  • Wednesday, September 18th, 7:15pm – 8:15pm

Chilling true story: Aggressive infosec vendor magically acquires patient file from small medical lab, then campaigns for a hefty fee to ‘remedy’ the problem. Lab refuses to pay; vendor conveniently gives the file to US Federal Trade Commission, saying it was compromised in a security breach. Years of investigation and litigation ensue. Learn how our legal system separates fact, fiction, and ego in a modern cyber security incident.”

You can find more information here.

If you enjoyed reading this article, sign up for my newsletter and follow me on:

Facebook |  Twitter  |   Google+  |  Pinterest  |   LinkedIn

The Devil Inside the Beltway can be purchased:

Amazon  |   Kobo  |   B&N   

Read More

16 Sep Washington Journal talks about Michael Daugherty and his FTC fight

 

LabMD CEO Michael Daugherty fights ‘The Devil Inside the Beltway’

 

Photo by Kent Hoover Michael Daugherty, CEO of LabMD, talks about his company's battle with the Federal Trade Commission at a briefing held by Tech Freedom and Cause of Action.

Photo by Kent Hoover
Michael Daugherty, CEO of LabMD, talks about his company’s battle with the Federal Trade Commission at a briefing held by Tech Freedom and Cause of Action.

 

 

 

 

 

 

 

 

 

 

 

 

You might think that LabMD is fighting a lonely battle against the Federal Trade Commission — most businesses accused by the agency of failing to “reasonably protect” the security of its customers’ data settle their cases. But LabMD not only is challenging the FTC’s complaint, its CEO also is using this case to make a point about out-of-control regulators. He’s written a book, “The Devil Inside the Beltway,” and he’s found allies in Washington, D.C. On Thursday he was the star panelist at a briefing held by Tech Freedom and Cause of Action, two organizations that question the FTC’s approach to data security.
Business owner: Michael Daugherty, president and founder of LabMD, a 25-employee medical testing lab in Atlanta.
FTC complaint: The agency last month filed a complaint accusing LabMD of failing to “take reasonable and appropriate measures to prevent unauthorized disclosure of sensitive consumer data.” Billing data, including Social Security numbers, for more than 9,000 patients of LabMD were found on a peer-to-peer file-sharing network, and LabMd documents containing sensitive personal information were found in the hands of identity thieves in 2012.
How the breach occurred: Daugherty said he learned of the problem when a cybersecurity firm contacted him in 2008 and said it saw one of LabMD’s billing files on a peer-to-peer network. LabMD had firewalls and servers to protect customers’ data, but one of its employees violated company policy and installed Limewire, a peer-to-peer file-sharing network, on her computer in order to listen to music. This made the billing information on her computer available to outsiders. Daugherty said LabMD immediately corrected this vulnerability when it discovered it.

Read the rest of the story here

If you enjoyed reading this article, sign up for my newsletter and follow me on:

Facebook |  Twitter  |   Google+  |  Pinterest  |   LinkedIn

The Devil Inside the Beltway can be purchased:

Amazon  |   Kobo  |   B&N   

Read More

13 Sep LabMD CEO Michael Daugherty fights ‘The Devil Inside the Beltway’

Screen Shot 2016-01-11 at 11.24.59 AM

Quote from The Business Journals

You might think that LabMD is fighting a lonely battle against theFederal Trade Commission — most businesses accused by the agency of failing to “reasonably protect” the security of its customers’ data settle their cases. But LabMD not only is challenging the FTC’s complaint, its CEO also is using this case to make a point about out-of-control regulators. He’s written a book,“The Devil Inside the Beltway,” and he’s found allies in Washington, D.C. On Thursday he was the star panelist at a briefing held by Tech Freedom and Cause of Action, two organizations that question the FTC’s approach to data security.

Read More

11 Sep FTC complaint against medical laboratory signals agency’s continued intent to assert authority in data-security-breach actions

Screen Shot 2016-01-11 at 11.27.57 AM

Quote from Lexology

In taking action against medical laboratory LabMD, the U.S. Federal Trade Commission demonstrated its continued intent to assert authority through the Federal Trade Commission Act in data-security-breach actions. On August 29, 2013, the FTC announced the filing of an administrative complaint alleging that LabMD failed to take reasonable measures to protect sensitive consumer information. TheLabMD action is notable because almost all other actions in which the FTC has made similar allegations have settled without being litigated. The action may result in an administrative law judge ruling on the theory of liability advanced by the FTC in these prior cases, none of which has ever drawn a judicial opinion on the merits, and should accordingly be monitored closely by all companies that collect or use consumer information.

 

Read More

11 Sep PSYCHICS, RUSSIAN ROULETTE, AND DATA SECURITY: THE FTC’S HIDDEN DATA-SECURITY REQUIREMENTS

Quote from document

Data breaches continue to grab headlines. According to a recent report published by Verizon, there were at least 855 data breaches affecting over 174 million data records in 2011 across the globe. According to the report, most data breaches involved malicious activity by outsiders. In other words, most of the entities with a reported data breach are victims of criminal activity.

Read More

10 Sep LabMD Slams ‘Oppressive’ FTC Subpoenas In Data Breach Row

Screen Shot 2016-01-11 at 11.31.01 AM

Quote from Law 360

LabMD Inc. on Tuesday slammed the Federal Trade Commission over some three dozen third-party subpoenas it has issued in its ongoing investigation of alleged security breaches at the cancer diagnosis firm that the agency claims exposed the private medical information of thousands of consumers.

LabMD characterized the FTC’s move, which it said follows after years of discovery during which the firm has already submitted over 5,000 pages of documents since 2010, as an undermining tactic meant to harm its reputation and sap its financial resources

Read More