16 Sep Washington Journal talks about Michael Daugherty and his FTC fight


LabMD CEO Michael Daugherty fights ‘The Devil Inside the Beltway’


Photo by Kent Hoover Michael Daugherty, CEO of LabMD, talks about his company's battle with the Federal Trade Commission at a briefing held by Tech Freedom and Cause of Action.

Photo by Kent Hoover
Michael Daugherty, CEO of LabMD, talks about his company’s battle with the Federal Trade Commission at a briefing held by Tech Freedom and Cause of Action.













You might think that LabMD is fighting a lonely battle against the Federal Trade Commission — most businesses accused by the agency of failing to “reasonably protect” the security of its customers’ data settle their cases. But LabMD not only is challenging the FTC’s complaint, its CEO also is using this case to make a point about out-of-control regulators. He’s written a book, “The Devil Inside the Beltway,” and he’s found allies in Washington, D.C. On Thursday he was the star panelist at a briefing held by Tech Freedom and Cause of Action, two organizations that question the FTC’s approach to data security.
Business owner: Michael Daugherty, president and founder of LabMD, a 25-employee medical testing lab in Atlanta.
FTC complaint: The agency last month filed a complaint accusing LabMD of failing to “take reasonable and appropriate measures to prevent unauthorized disclosure of sensitive consumer data.” Billing data, including Social Security numbers, for more than 9,000 patients of LabMD were found on a peer-to-peer file-sharing network, and LabMd documents containing sensitive personal information were found in the hands of identity thieves in 2012.
How the breach occurred: Daugherty said he learned of the problem when a cybersecurity firm contacted him in 2008 and said it saw one of LabMD’s billing files on a peer-to-peer network. LabMD had firewalls and servers to protect customers’ data, but one of its employees violated company policy and installed Limewire, a peer-to-peer file-sharing network, on her computer in order to listen to music. This made the billing information on her computer available to outsiders. Daugherty said LabMD immediately corrected this vulnerability when it discovered it.

Read the rest of the story here

If you enjoyed reading this article, sign up for my newsletter and follow me on:

Facebook |  Twitter  |   Google+  |  Pinterest  |   LinkedIn

The Devil Inside the Beltway can be purchased:

Amazon  |   Kobo  |   B&N   

Read More

25 Oct Breaking News: U.S. Chamber of Commerce Publishes Article featuring LabMD and Michael J Daugherty on Cyber Security





FBI Says, Expect to Be Hacked; FTC Says, Expect Us to Sue You

Oct 24, 2012

FBI director Robert Mueller is quoted in a CNN Money story today on the data security crisis now facing American businesses – an issue of particular importance to small businesses:

There are only two types of companies: those that have been hacked, and those that will be. Even that is merging into one category: those that have been hacked and will be again.

The U.S. Chamber continues to lead efforts to address the data security crisis, by actively engaging in discussions with Congress regarding federal data security and data breach legislation. The Chamber also recently released an Internet security guide, “Internet Security Essentials for Business 2.0.

Unfortunately, the FTC is throwing American businesses who are victims of hacking under the bus by punishing them for not successfully preventing the hacks – in spite of the stark reality described by the FBI’s Robert Mueller.

Take the FTC’s lawsuit against Wyndham Worldwide Corp., which was the victim of a global hacking scheme, as just one recent example of an FTC run amok. I explained the Wyndham case and the FTC’s approach to “regulating” data security in a recent blog post:

Over the last few years, the FTC has routinely punished businesses who are themselves hacking victims for allegedly failing to have “reasonable” data security measures in place – only there’s no way for a business to truly know beforehand what the FTC will consider “reasonable” measure until after it’s been hacked.

Because the FTC has never formally promulgated any data security standards, a business has no way of knowing whether it’s compliant until after it’s been hacked, had its data stolen, completed a costly FTC investigation, and an enforcement action has been filed against it. Then the FTC strong-arms the business into entering into so-called “settlement” agreements (or “consent orders”) that often give the FTC roving and unchecked authority for the next 20 years to conduct audits and impose penalties on the business – again, for violating non-existent data security standards.

The FTC’s approach to data security is particularly damning for small businesses, who often are compelled to divert their time and precious resources on lawyers and litigation, rather than on growing their businesses – and creating jobs.

Take the tale of LabMD, a Georgia-based cancer detection company, as just one example of how the mere allegation of inadequate data security can subject a business to years of expensive FTC investigations and reputational injury – which can derail a small business’s growth agenda, and cost jobs. The Atlanta Business Chronicle reported on this case and interviewed Michael Daugherty, LabMD’s founder and CEO:

Daugherty contends his company is being unreasonably persecuted by the FTC. He said he’s already spent about $500,000 fighting the investigation.

“We are guilty until proven innocent to these people,” Daugherty said in a Sept. 5 interview with Atlanta Business Chronicle. “They are on a fishing expedition. We feel like they are beating up small business.”

“There’s no deception. There’s not been a breach,” he said.

Of course, the initial FTC investigation (which in this case has already cost LabMD half a million dollars) is just the tip of the iceberg. In reference to its investigation, the FTC told the Atlanta Business Chronicle that “[t]here is no allegation that anybody has done anything wrong.”

If that’s the type of treatment and expenses that small businesses can expect to incur even when the FTC claims “there is no allegation that anybody has done anything wrong,” then there is certainly something wrong with how the FTC is conducting its business.

Visit to read more about the FTC v. Wyndham Worldwide Corp, et al. lawsuit and the amicus brief  filed in support of the company by the National Chamber Litigation Center, the U.S. Chamber’s public policy law firm.


Originally published October 24, 2012. Reprinted by permission,, October 2012. Copyright© 2012, U.S. Chamber of Commerce.

~   ~   ~

Michael Daugherty is President & CEO of LabMD, an Atlanta-based clinical and anatomic medical laboratory with a national client base. Mike founded LabMD in 1996 after 14 years in surgical device sales with U.S. Surgical Corp. and Mentor Corporation.

Outside of LabMD, enjoys playing tennis, travel, and flying his Cirrus SR22 Turbo single engine aircraft.

Mike can be found:

Facebook * Twitter * LinkedIn * Pinterest

Google+ Michael J Daugherty

Read More

07 Sep Breaking News – Michael J Daugherty interviewed in the Atlanta Business Chronicle

I was interviewed by Amy Wenk, staff writer of the Atlanta Business Chronicle today.  They asked some interesting questions about the Federal Trade Commission and how they conduct themselves.

To see a full copy of this article, click to download .

For a link to see the preview on the Atlanta Business Chronicle, click HERE.

What are your thoughts on this?


Stay tuned for more news about this and my new book The Devil inside the Beltway:The Devil Inside the Beltway Cover

Read More