Michael in Print

26 Apr BusinessWeek reports on the FTC destruction of LabMD

Reblogged from Bloomberg Businessweek

A Leak Wounded This Company. Fighting the Feds Finished It Off

Michael Daugherty learns the high price of resistance.

michael_daugherty_at_home__01

Daugherty at home. Most of what remains of his $4.6 million business fits in his garage.

The first phone call that changed Michael Daugherty’s life came in May 2008. Daugherty was a happy man, running a good business in a nice place. That’s how he talks about it, like the opening five minutes of a movie, setting up how great everything is before disaster strikes. His Atlanta-based company, LabMD, tested blood, urine, and tissue samples for urologists, and had about 30 employees and $4 million in annual sales.

Daugherty is a middle-aged guy distinguished by small, kind brown eyes and a big, meaty laugh—a business everyman of a certain vintage, with a salesman’s mix of friendly and aggressive. He’s from Detroit, and you can occasionally hear it in his vowels. Kevin Spacey could play him in the movie.

Here’s where the story turns dark. That Tuesday, LabMD’s general manager came in to tell Daugherty about a call he’d just fielded from a man named Robert Boback. Boback claimed to have gotten hold of a file full of LabMD patient information. This was scary for a medical business that had to comply with federal rules on privacy, enshrined in the Health Insurance Portability and Accountability Act. I need proof, Daugherty told his deputy. Get it in writing.

 

labmd_file_boxes__02

LabMD artifacts Photographer: Johnathon Kelso for Bloomberg Businessweek

(more…)

Read More

24 Mar Cybersecurity Firm With A History Of ‘Corporate Blackmail’ Raided By The FBI

AAEAAQAAAAAAAAR-AAAAJDlmZTE0YWFiLTM4YTUtNGQ5Zi05Y2RhLThkMWFhZjg0YjY3OA

Sharing the latest from TechDirt

from the fate-of-CEO-Robert-‘Whitey’-Boback-currently-unknown dept

Cybersecurity is a crowded field. Not every competitor will make it. That’s inevitable. Tiversa is one of the also-rans.

Tiversa is helmed by Robert Boback. Back in 2009, Boback was already well-versed in the cybersecurity hard sell. Here’s what he had to say about P2P software in front of a Congressional audience — an audience well-versed in the art of selling fear to fund additional government products.

Boback showed off a document, apparently from a senior executive of a Fortune 500 company, listing every acquisition the company planned to make — along with how much it was willing to pay. Also included in the document were still-private details about the company’s financial performance. Boback also showed numerous documents listing Social Security numbers and other personal details on 24,000 patients at a health care system, as well as FBI files, including surveillance photos of an alleged Mafia hit man that were leaked while he was on trial.

Boback was stealthily pitching his company’s P2P monitoring service. During this hearing, he also claimed to have come across documents containing details about the President’s helicopter on an Iranian computer.

(more…)

Read More

10 Feb TechFreedom to FTC: If You Can’t Prove Likely Injury, You Can’t Penalize Security Practices

WASHINGTON, DC — On Friday, TechFreedom urged the Federal Trade Commissioners (FTC) not to reverse the dismissal of a lawsuit brought by FTC staff against LabMD, a small cancer testing lab that went out of business under the weight of the lawsuit, but has continued to challenge the FTC’s approach to data security with pro bono representation. In an Amicus Curiae brief, TechFreedom argues that the FTC must not ignore the most important limit that Congress has placed on the FTC’s sweeping power to prohibit business practices: that a practice must “causes or is likely to cause substantial injury.”

(more…)

Read More

14 Jan How a Lone Conservative Firebrand Became the FTC’s Worst Nightmare

The article below is reblogged from The Atlantic

Most com­pan­ies fa­cing a law­suit from the Fed­er­al Trade Com­mis­sion try to settle as quickly as pos­sible.
Fight­ing the FTC means years of ex­haust­ing and ex­pens­ive lit­ig­a­tion. The com­mis­sion doesn’t even have the au­thor­ity to im­pose fines for most vi­ol­a­tions, so a set­tle­ment usu­ally just means the com­pany has to change its be­ha­vi­or, agree to some in­de­pend­ent audits, and ride out the wave of neg­at­ive news cov­er­age. It’s an easy choice for most cor­por­ate ex­ec­ut­ives.

(more…)

Read More

11 Jan Top 10 Influencers in Health InfoSec – Michael is number 6!

Michael is honored to be #6 on Healthcare Information Security’s List of Leaders!

Fourth Annual List of Healthcare Information Security Leaders

Reblogged from Healthcare Info Security
HealthcareInfoSecurity announces its fourth annual list of top influencers, recognizing leaders who are playing significant roles in shaping the way healthcare organizations approach information security and privacy.

(more…)

Read More

30 Dec Author Michael Daugherty Says Technology Will Leave Workers ‘Out In The Cold’

Michael was recently interviewed by Stephen K. Bannon. The following article accompanies the interview. The original can be found here.

Author Michael Daugherty believes that technology as a “double-edged sword” will be responsible for major shifts in the workplace, as companies seek a level of efficiency that will cause jobs to “evaporate.”

(more…)

Read More

16 Dec Michael Daugherty of LabMD is officially the only challenge facing the FTC as it sets (or at least enforces) cybersecurity requirements for American business

Reblogged from Lawfare

Michael Vatis tells us that Michael Daugherty of LabMD is officially the only challenge facing the FTC as it sets (or at least enforces) cybersecurity requirements for American business. That’s because Wyndham Hotels has officially given up the ghost, agreeing to twenty years of privacy and security monitoring by the FTC…..

….The podcast will be on hiatus over the holidays, but we won’t completely abandon you. While I was at a BlackHat Executive conference last week, I had a chance to do a short interview of Mike Daugherty about his LabMD experience, and we’ll be releasing that as a special bonus edition of the podcast over the Christmas break. (We’re holding it because I’ve offered the FTC a chance for equal time.  But we’ll be releasing the interview next week in any event, with or without the FTC’s input.)

Listen to the podcast here

Read More

28 Nov FTC loses cybersecurity case against medical lab

Reblogged from here

The Federal Trade Commission routinely holds companies responsible for data breaches that expose consumers’ private data to intruders. But the commission’s recent loss in the case of LabMD raises questions about its ability to prevail in other consumer cybersecurity cases.

The agency had sought to hold the medical testing lab responsible for a data breach that exposed the records of 9,000 patients. But LabMD fought back, refusing to sign a consent order and arguing that there was no proof any consumer had suffered any actual harm as a result of the breach.

Late last week, FTC Chief Administrative Law Judge Michael Chappell agreed and dismissed the commission’s complaint.

“FTC spent millions of taxpayer dollars to pursue its baseless case against LabMD, an innovative and successful provider of cancer diagnostics,” said Daniel Epstein of Cause of Action Institute, which defended LabMD. “Although FTC’s ostensible justification for this boondoggle was ‘data security,’ it produced no evidence that even a single patient was harmed by LabMD’s alleged inadequacies.”

(more…)

Read More