photo credit:

24 Jan LabMD sues Tiversa for Racketeering, Conversion, Fraud … And more.

photo credit:

After years of throwing everything they’ve got in the path of justice, including taking LabMD’s medical data, trying to prevent the publication of Michael J. Daugherty’s book, The Devil Inside the Beltway, and attempting to manipulate a former Tiversa employee (who has recently received immunity from the Justice Department in what the Administrative Law Judge called Tiversa’s “improper attempt to place evidence on the public record, unilaterally, with the transparent purpose of impugning the credibility of anticipated testimony and/or influencing the immunity process”), recent events and admissions, detailed in the Complaint, have provided key evidence of Defendants’ illicit actions.


read the lawsuit here….


LabMD vs Tiversa Holding Corp, Robert J. Boback, M. Eric Johnson

Read More

22 Aug The Eleventh Circuit is holding oral arguments


Screen shot 2014-08-22 at 5.55.03 AM

The Eleventh Circuit has announced that they are going to hold oral arguments in LabMD’s case even though the appellate court had refused. See below for Law 360’s reporting of this development. To view the original article, click HERE.

The Eleventh Circuit said Wednesday that it has decided to hold oral arguments on LabMD Inc.’s latest bid to halt the Federal Trade Commission from policing corporate data-security standards, a dispute which the appellate court has already once refused to entertain.

In a brief docket entry, the appellate court announced that it “has determined that oral arguments will be necessary in this case,” which LabMD mounted in May after a Georgia district court ruled that it lacked jurisdiction to consider whether the FTC had overstepped its statutory authority by bringing a closely-watched administrative proceeding accusing the laboratory of failing to implement reasonable data security standards to protect private health information.

The Eleventh Circuit in May declined to hear the appeal on an expedited briefing schedule or grant a stay of the administrative proceeding pending its review of the lower court’s ruling, but both the laboratory and the FTC have since filed their briefs in the case, leading the appellate court to issue its oral argument determination Wednesday.

“The court’s decision to grant oral argument indicates that this case presents important issues about the FTC’s abuse of authority, and we are optimistic that LabMD will prevail once all arguments are made,” Cause of Action Executive Director Dan Epstein said in a statement Wednesday.

The court has yet to set a date for oral arguments, and a representative for the FTC could not be immediately reached for comment Wednesday.

The often contentious dispute between the regulator and medical testing laboratory began in August 2013, when the FTC filed an administrative complaint alleging that LabMD failed to safeguard medical and financial information on nearly 1 million customers and allowed data to leak on to the peer-to-peer file-sharing network LimeWire and into the hands of identity thieves.

Instead of settling the claims, LabMD became only the second company, after hotel chain Wyndham Worldwide Corp., to push back at the commission’s authority to regulate the security of consumer information as an “unfair” practice under Section 5.

Besides responding to the administrative complaint, the company also asked the District of Columbia and the Eleventh Circuit in separate filings to halt the commission from proceeding with its action.

In February, the Eleventh Circuit ruled that it could not review the Section 5 challenge because the statute “only gives courts of appeal authority to review an order of the commission to cease and desist from using any method of competition or act or practice, [and] there is no such order here.”

The determination led LabMD to abandon the complaint it already had brought in the District of Columbia for an injunction halting the administrative case and file a new complaint in Georgia.

In May, the Georgia federal court threw out the suit, ruling that district courts are in no position to interfere with ongoing administrative enforcement actions.

After the Eleventh Circuit refused to disrupt the proceeding in May, the FTC responded to the laboratory’s appeal by urging the appellate court to uphold the lower court’s holding that it is premature for the court to become involved in the administrative proceeding.

If the outcome of the proceeding ends up being unfavorable to LabMD, it can bring its challenge at that point, the FTC asserted in its brief.

But LabMD countered in an Aug. 11 reply brief that the court should be able to review an executive branch agency’s action under the Administrative Procedure Act before the administrative case concludes, and that its First Amendment retaliation claim can proceed because constitutional claims arising in an administrative case need not wait until the agency takes a final action.

The disputed trial before the administrative law judge that LabMD is seeking to halt began in May, although the proceedings were quickly put on hold and have yet to resume following the discovery that a Republican-led House committee is investigating data security firm Tiversa Inc., which is a key player in the FTC’s case.

LabMD is represented by Cause of Action, which has retained Ronald L. Raider, Burleigh L. Singleton and William D. Meyer of Kilpatrick Townsend & Stockton LLP, and Reed D. Rubinstein of Dinsmore & Shohl LLP.

The FTC is represented by its own Perham Gorji, and by Mark B. Stern, Lauren Fascett, Adrienne E. Fowler and Abby Christine Wright of the U.S. Department of Justice.

The case is LabMD Inc. v. Federal Trade Commission, case number 14-12144, in the U.S. Court of Appeals for the Eleventh Circuit.

Read More

23 Jul Breaking News!


Hearing Tomorrow to Examine the Federal Trade Commission’s Data Security Enforcement Authority


WASHINGTON – Tomorrow, House Oversight and Government Reform Committee Chairman Darrell Issa (R-Calif.) will convene a hearing titled, “The Federal Trade Commission and Its Section 5 Authority: Prosecutor, Judge, and Jury.”  The hearing will examine the FTC’s enforcement practices with respect to data security, as well as the basis of recent FTC actions related to data security practices.

In addition, the hearing will examine the sources of the FTC’s information for several recent data breach investigations, which have been the subject of an ongoing Committee investigation. Witnesses include organizations that the FTC has contacted or investigated after they refused to purchase “cyber-intelligence” services from Tiversa, Inc.


Hearing Details:

“The Federal Trade Commission and Its Section 5 Authority: Prosecutor, Judge, and Jury”

Full Committee Chairman Darrell Issa (R-Calif.)

9:30 a.m. in Rayburn 2154. The hearing will be streamed live at




Mr. Michael Daugherty

Chief Executive Officer

LabMD, Inc.


Mr. David Roesler

Executive Director

Open Door Clinic of Greater Elgin


Mr. Gerard Stegmaier


Goodwin Procter


Mr. Woodrow Hartzog

Associate Professor
Samford University

Contact:  Becca Watkins, 202.225.0037

Read More


Photo credit: Medieval Warfare Armour & Shields

Folks, the Federal Trade Commission has only just begun to take off their gloves in their 21st Century updating of medieval torture. While their old machines are in the museums, their new tactics have gone high tech and LabMD is tightly strapped to their slab.

All professional tyrants and bullies have plenty of tricks up their sleeves. This nest is no exception. For starters, the FTC seduced Congress into allowing the FTC to make their own rules and have their own Administrative Court . This is very handy when the judge makes an adverse decision, as the commissioners sit above him and can flip his decision like a Sunday morning omelette. Yes, we spend months and millions in an Administrative Court and if the FTC jailers don’t like the ruling they can just overturn it. Prosecutors in the real world would kill for this type of power, and with that in their back pocket, off the FTC goes choosing from their smorgasbord of tricks and tactics, due process and fair notice be damned. Here is a sampler:

Trick One:  Use the court (inside the FTC building called the Administrative Court) to drain the victim dry by making him spend millions defending himself. Always good to starve the victim to get a nice loose skin. The courts have ruled repeatedly that they won’t interfere until this bloodletting is completed. Once this is over, off you go to Federal court to pay the game again.

Trick Two:  Allow the media to assume, using the very well worn FTC habit of lying through omission, that the judge decides on motions to dismiss.  This is a lie. The FTC decides what the judge sees. The FTC likes to keep a bag over the judge’s head because cowards don’t deign to play fair.

Trick Three:  Break every rule in the book if you have to, as the FTC banks on your very short attention span. For example, in our trial the FTC has rested their case. Does that stop them from trying to enter additional evidence as their case implodes? Why don’t be silly! Rules don’t apply to the Gods. They are just laying bread crumbs on the trail to flipping Judge Omelette.

Trick Four: Scare every future organization into early submission by making the execution of LabMD particularly dirty and gruesome. Show no shame. Sink as low as possible. Destroy a cancer detection center. Kill jobs. Trample into healthcare like a bull in a china shop. Lie, cheat, and be so outrageous that the mention of your name makes every CEO run for cover. After all, this is America. The FTC knows all too well the odds of their being held accountable are laughably low.

While this is just a sampler from the FTC’s menu, let me assure you that they aren’t done with me. Hell hath no fury like cowards caught in the act.

Is Congress beginning to wonder what the hell is going on over at the FTC?   Congress rarely acts, the media doesn’t report and the American people don’t pay attention. The FTC banks on it. But so far we have pleading of the 5th and more fun to come. The FTC’s utter lack of integrity will be put on display for all the world to see. Maybe this time things will be different.

I understand you may find my acid words over the top and dramatic. To this I implore,  “Watch and remember.” As I mentioned to an FTC lawyer just this past weekend: Shameless.


Photo credit: Medieval Warfare Armour & Shields

Read More

08 Jun LabMD Vows to Nail Tiversa in FTC Data Security Row



A great article reblogged from Law 360 outlining the latest news in the lawsuit.

 LabMD Inc. pledged Tuesday to grill Tiversa Inc. representatives about how they obtained a confidential spreadsheet that has formed the foundation of the Federal Trade Commission’s data security claims against LabMD, once a trial delay prompted by a congressional probe of Tiversa is lifted.

During a conference call with reporters, LabMD CEO Michael J. Daugherty and Cause of Action Senior Vice President Reed Rubinstein, who is one of the attorneys representing the cancer screener, expounded on the “very unexpected development” in its data security fight with the FTC that transpired last week, after cyberintelligence firm Tiversa informed Administrative Law Judge D. Michael Chappell that it was being investigated by the House Oversight and Government Reform Committee.

As a result of the surprising probe, which Rubinstein said is “apparently related to Tiversa’s relationship with federal agencies generally,” the Tiversa executive and employee who were slated to appear before the administrative court Friday refused to testify, leading Chappell to place the trial in recess until June 12, to allow counsel to determine how the congressional probe would impact the trial.

“As far as LabMD is concerned, we were prepared and remain prepared to go forward with adjudication once Judge Chappell allows us to do so … and examine the witnesses to find out what really happened,” Rubinstein said Tuesday. “There are still lots of questions remaining about the FTC’s investigation and the underlying basis of the case.”

The temporarily stalled administrative proceeding began in August, when the FTC filed a complaint alleging that LabMD violated the unfairness prong of Section 5 of the FTC Act, by failing to safeguard medical and financial information on nearly 1 million customers and allowing data to leak onto peer-to-peer file-sharing network LimeWire and into the hands of identity thieves.

According to the commission’s complaint, the central data leak onto LimeWire of certain “insurance aging reports” containing confidential patient information was allegedly discovered by Tiversa, a data security company who alerted LabMD in May 2008 that it had obtained the reports.

Being able to depose the designated Tiversa representatives — namely, CEO Robert Boback and former employee Rick Wallace — to ascertain exactly how the company came into possession of the file is vital to disproving the FTC’s allegations that the cancer screener lacked reasonable data security, Daugherty and Rubinstein said Tuesday.

“The prominence and admissibility of the evidence in question remains arguable,” Daugherty said. “The FTC made the [Limewire] file the foundation of the case and … of claims from experts. If there are questions and it turns out that the file was not taken appropriately or where it was found was not true, then the bedrock would disappear.”

While reluctant to get into specifics, Rubinstein told reporters that LabMD’s counsel had been planning to question the Tiversa representatives about “a variety of circumstances and occurrences” related to the file that “was really the centerpiece of the action.”

“There’s a dispute about the circumstances under which that file was obtained, so we suspected that would have been part of [the questioning],” he said. “We are ready and anticipating on June 12 starting up and proceeding with the examination we would have done last Friday.”

If events go as LabMD hopes, the June 12 hearing is likely to feature the testimony of Wallace, who on Friday indicated, through his attorney William Burck of Quinn Emanuel Urquhart & Sullivan LLP, that he would invoke his Fifth Amendment right against self-incrimination if called on to testify in light of the congressional probe that he’d reportedly learned of the day before the hearing.

The delay in the trial is intended to give Wallace time to work out a potential immunity deal with the House Oversight Committee that would extend to his trial testimony, an arrangement that Burck told the court Friday that his client is in the process of negotiating.

As for Boback, his attorney Jarrod D. Shaw of Reed Smith LLP informed the court Friday that Boback could not testify, although he didn’t elaborate as to whether he would also plead the Fifth. Rubinstein said Tuesday that he is hopeful that LabMD’s counsel would be able to depose Boback this week outside of court, in accordance with a deal hammered out last week to accommodate Boback’s planned travels to Africa.

In the meantime, LabMD — which has stopped providing all services except for furnishing records to former patients, a task that Daugherty said he is handling on his own on a volunteer basis — and its counsel intend to “sit back” and see if the congressional probe shines any light on their long-running assertion that the FTC is unfairly targeting the cancer screener based on faulty evidence, according to Rubinstein.

“We’ve always found it quite hard to understand why the commission has chosen to devote massive amounts of staff time and resources to this case, and now there appears to be a House investigation that apparently addresses certain aspects of the subject matter of the case,” he said. “We hope that once all the facts are out, cooler heads will prevail, and the commission will do the right thing.”


Reblogged from Law360; Click HERE to read the rest of the article.


Read More

30 May FTC Power Tested at Data Trial



Just to keep you up to date with what’s happening in the trial, please read the following by Jenna Greene of The National Law Journal Screen shot 2014-05-29 at 7.56.19 AM


In a challenge to the Federal Trade Commission’s power to go after companies for data security breaches, lawyers for medical-testing company LabMD Inc. last week called the government’s allegations against it “far-reaching and ludicrous.”

Dinsmore & Shohl partner William Sherman II argued before Chief Admin­istrative Law Judge D. Michael Chap­pell last week that the FTC overreached when it sued LabMD in August 2013 for failing to protect consumer privacy in violation of Section 5 of the FTC Act.

“This case is more about what could have happened, what might happen or might have happened, but certainly not about what happened,” Sherman said as the proceeding opened on May 20. There was no evidence that any consumer was harmed by a data breach that revealed personal information for nearly 10,000 people, he said.

FTC attorney Alain Sheer responded with a methodical and lengthy list of LabMD’s data security shortcomings. The company’s data security practices “were not close to being reasonable,” he said. As a result, highly sensitive information — including names, birth dates, Social Security numbers and medical-test results for conditions such as ­cancer — was “out there for the world to see.”

LabMD’s security, he said, “was equivalent to a castle with half a moat and holes in its outer walls.”

Among the key questions before the judge: Can the FTC go after LabMD for the breach even though the agency has never specifically promulgated data security standards? Furthermore, the U.S. Department of Health and Human Services (HHS) already regulates privacy and data security in the health care field under the Health Insurance Portability and Accountability Act of 1996 — can the FTC impose stricter standards on top of those rules?

LabMD said in a pretrial filing, “If FTC may lawfully overregulate HHS, add to [the health act] and attack LabMD using its Section 5 unfairness authority … it may overregulate in the fields of employment law or nuclear energy or any other myriad of regulated areas which naturally could harm consumers. Clearly then, there is no end to FTC’s power.”

To read more of this article, click here.

Read More

04 May The Judge Made Them Do It


So the headline read “FTC told to disclose the data security standards it uses for breach enforcement”, and I thought to myself, “This is a headline? The government agency that wants to police the business world feels so superior that it required a judge to make them disclose what standards are required? No wonder it has taken the world so long to pay attention to this. It sounds unbelievable. How can we comply in the dark?” Well, believe it. This is the arrogance of the US Government Regulatory Regime.

And that, my friends, is the bottom line. I don’t mind complying. I embrace protecting our patients. However, I do not appreciate a power hungry government agency refusing to deal with the reality that technology is changing at an incredibly fast pace and until they, the self-appointed rulers of the consumer protection world, declare what is to be done, then they need to back off.

The FTC plays games. They play bad, damaging, lawyer games. The FTC displays their sociopathic exploitation of a medical facility, asks for forgiveness later, and drains the life blood out of organizations that fight them, all to strike terror in the hearts of everyone else that may consider a battle. They have the audacity to state they don’t need to declare data security rules or standards. They are nothing more than masters of silence and confusion. Justice is a mockery at the Federal Trade Commission.  All they are doing is shopping for heads to place on spikes.

This is what bad, coddled, and sheltered government lawyers do. They play games with words and laws. They argue, cajole, debate and drain. It is all about power to the FTC. They are aiming to intimidate the majority of businesses into rolling over before they get to court. They are scheming to keep their power to bully.

When an ignorant yet powerful bureaucrat with one nasty attitude came knocking on our door with not a shred of concern with what they are doing to medicine, patients, and practitioners, the line in the sand had been drawn. This is a battle worth fighting because it rips the mask off these liars and shows the world exactly what the FTC is. A bunch of puffed up bullies that require a judge to tell the world what standards we are to meet. A four year battle raged that has cost millions of dollars all to make the FTC  fight fair. I am sure they chuckle and how much it took for such a basic requirement.

This is not the end of the game. This is just the end of an inning. I have more of their game to show you. This is the game that Congress created. This is the game that judges and lawyers in DC play. This is the dirty secret game that scares so many into submission so you never hear the cries of the dead. These are bullies created by a lazy political and judicial system that think the intent of the Founding Fathers to separate government powers is an annoying obstacle to the regulatory work they have to do. To hell with civil rights and proper notice, they have consumers to save.

And that “they have consumers to save” mantra is the propaganda they crow out at every Congressional hearing and public meeting they attend. But behind the mask is a bunch of zealots with precious little experience in the private sector. They are drowning in their adolescent attitude that business is evil. They just know it is so bad out here that they have to slap a head on the spike of one company to scare the masses into submission.

Through fate that head turned out to be mine. The FTC is so outrageous and ripe for corruption that I had no choice to fight back. So far it has cost LabMD its life. I hope you will pay attention to the rest of their game so the death of LabMD is not in vain. Once one head on a spike is placed on the roof of 600 Pennsylvania Avenue they just start looking for another…until we see them for what they are and the executioners lose their ax.

Read More

03 May FTC told to disclose the data security standards it uses for breach enforcement

Screen shot 2014-05-03 at 8.07.23 AM

As reported in Computerworld yesterday, there was a legal decision handed down  in favor of  LabMD.  See a short quote of the article from Computerworld below and to read the whole post, click HERE.


The Federal Trade Commission (FTC) can be compelled to disclose details of the data security standards it uses to pursue enforcement action against companies that suffer data breaches, the agency’s chief administrative law judge ruled Thursday.

The decision came in response to a motion filed by LabMD, a now-defunct medical laboratory that has been charged by the FTC with unfair trade practices for exposing sensitive information belonging to 10,000 patients in 2010.

LabMD has accused the FTC of holding it to data security standards that do not exist officially at the federal level. It has maintained that the agency must publicly disclose the data security standards it uses to determine whether a company has reasonable security measures in place.

The FTC argued that it should not be required to disclose the legal or other standards it uses to determine whether a company’s data security practices are unfair or not under Section 5 (a) of the FTC Act.

In a six-page ruling, the FTC’s chief administrative law judge, Michael Chappell, nixed that argument and held that the Commission can indeed be compelled to disclose the information in the LabMD case.

The official response to yesterday’s ruling:

LabMD, a medical facility, is cautiously optimistic that the FTC will be forced to step into an era of fairness and transparency in notifying the business community, both large and small, what their data security standards are. LabMD still strongly objects to the FTC’s overreach into the medical regulatory environment overseen by HHS via HIPAA.

Read More