31 Mar Uropathology laboratory LabMD files suit against Federal Trade Commission


By The Pathology Blawg on Mar 31, 2014 08:00 am
FTC building

Uropathology laboratory LabMD, which was forced to suspend operations in January 2014, has filed suit against the Federal Trade Commission (FTC), stating the agency has abused its power in the manner with which it has handled the data breach action the FTC brought against LabMD.

LabMD’s complaint

There is quite a bit of information in the 43 page complaint, which readers can refer to if interested, but the following represents a very brief summary of pertinent points within the complaint.

In 2008, a company called Tiversa obtained a LabMD computer file with the protected health information (PHI) of more than 9,000 patients from a peer-to-peer file sharing program.

Tiversa is:

a self-described “cyber-intelligence company” specializing in searching for and copying medical, financial, and other sensitive files on peer-to-peer networks using patented technology

Tiversa then told LabMD it had obtained the PHI but refused to provide any further information “unless LabMD entered into a contract for Internet security services” with Tiversa.  LabMD refused.

Tiversa then allegedly turned LabMD’s PHI over to the FTC, after which the FTC launched a full-scale investigation into LabMD’s data security practices and pronounced the data breach was the result of inadequate data security practices.

These supposed inadequate data security practices, according to the FTC, represent an “unfair” trade practice under Section 5 of the FTC Act.

Notably, the FTC has, to this day, never actually stated in any rule, legal document or statement precisely what LabMD did wrong or what it should have done differently.

LabMD has consistently argued the FTC lacks the statutory authority to investigate PHI security, which falls under the purview of the Department of Health and Human Services(HHS) under HITECH and HIPAA.

Neither HHS nor the FTC have ever accused LabMD of violating HIPAA or HITECH, and in fact, HHS decided in September 2013 that there were no grounds to even initiate an investigation into LabMD’s data security practices as they relate to this case.

LabMD also argues the FTC has retaliated against its owner, Michael Daugherty, after he spoke out against what the FTC is doing in a book he wrote as well as during speaking engagements and press interviews, and that this amounts to a violation of the First Amendment.

As a result of the FTC’s actions, LabMD states it lost its directors and officers liability insurance in October 2013, and in addition, LabMD and its physicians cannot obtain tail malpractice insurance nor a general liability policy that would enable it to rent office space.

So after four years of legal and regulatory wrangling and over $500,000 in legal fees, LabMD filed this suit against the FTC asking for a declaratory judgment that:

  • The FTC lacks statutory authority to regulate patient-information data-security practices under Section 5
  • The FTC’s efforts to regulate patient information are beyond the scope of its power
  • The FTC violated LabMD’s due process rights by failing to provide adequate notice of what data-security practices it violated
  • The FTC violated LabMD’s due process rights by unconstitutionally combining legislative, prosecutorial, investigative, and adjudicatory functions
  • The FTC unconstitutionally retaliated against LabMD for engaging in constitutionally protected speech

LabMD also asks the court to stop the FTC from further pursuing any action against LabMD as it relates to this case and to compel the FTC to pay LabMD’s attorney fees.


I spoke with Mr. Daugherty by phone the other day about his lawsuit and he said simply:

This lawsuit against the FTC is not about LabMD or Mike Daugherty, it is about protecting health care providers from government overreach.

Mr. Daugherty also provided me with a link to a short article written by two attorneys, which, in his opinion, represents an excellent summary of the big picture in this case.

This press release from Cause of Action, the government accountability organization that filed the suit on behalf of LabMD, also summarizes the case nicely.

Read More

17 Mar Reporting from the battle front….

Hello World…it has been a while.

Screen shot 2014-03-17 at 1.37.28 PM

There is only one of me and quite a bit has been going on.  I plan on posting much more frequently moving forward. Content, content, content….that is all I hear.

So the FTC sued my company, LabMD, last August, 2013 and rammed us right out of the game with their revenge mission for me standing up to them. What has happened since?

Cause of Action, a DC based government oversight law firm took over my case. Why? Because the government will keep smacking all of us around the room until they are stopped. Nobody is stopping them. Not Congress, not the media, not Obama and not the courts.

Why? Because the public doesn’t yet understand how bad things are so they make no demands. I am trying to tell my story to help America and the world understand why this is so terrible. Cause of Action is helping me survive the FTC’s “innocent doesn’t matter” meat grinder.

My book, The Devil Inside the Beltway, came out in late September, 2013. With the book’s release came the simultaneous decline of my father’s health, who had been battling prostate cancer for 14 years. He passed away October 11, 2013. This put life in perspective and brought home what really matters. The book promotion went on hold.

I learned the joy of having publicists and who my friends really were. Nevertheless, the reviews come in very strong. I had no time to shake the media tree.

The FTC started carpet bombing my company with about 40 subpoenas to doctors, employees that had left 6 years prior, former IT contractors, etc. The FTC fury was on full display as they ripped the company to shreds searching for validation for their outrageous acts and corrupt behavior. FTC Commissioner Julie Brill slammed LabMD in Brussels. She removed herself from the case on Christmas Eve day when nobody was looking. This is how the spineless act, trying to get away with dirt and burying their behavior when nobody is looking.

Brill and Company, the FTC, destroyed LabMD’s operations with their draining diversions. We accepted our last specimens in January, 2014. They haven’t won. Trust me, the world will shudder at their road kill.

Closing a cancer detection center is a shocking, long and painful process. Laying off employees, saying goodbye to physician practices after working with them for over twenty years has been painful. And for what? For the FTC’s need to save the world in areas where they don’t know what they are doing. They are fools as they try to expand their powers to regulate as far and as wide as they can reach. Their mission statement sounds so sweet to the ignorant ear, but, as I show in my book, not only does this treachery waste our dollars, it leaves us less safe.

We are fighting the FTC’s claims of jurisdiction to run their torture chamber on many fronts:
1)      They argue they don’t need to announce standards or rules
2)      They are allowed to regulate Medicine over and above HHS
3)      They are allowed to investigate anyone for any reason where a judge finds it “plausible” that something “may” be amiss.

In the real world this should matter to you as this means the FTC can go where they want, when they want, and how they want. Congress has created the beast and getting to a judge is a very long and expensive battle. Until a judge says “no” or Congress says “no” the FTC will be an organization of zealots that live in their own house of mirrors.

My goal is to get through the meat grinder and SHOW YOU, CONGRESS and the MEDIA “THE MEAT GRINDER”.

The FTC’s goal is to stop me from letting you know, discredit LabMD, and prevent me from getting out of their Administrative court process.

I will blog about current and relevant events to build a transparent platform for the world to judge. Loyalty is a gentle charade in Washington. So is transparency. Watch them try to pound me down, stop exposing their hypocrisy and playbook. It won’t work.

Do you know what the FTC does?
Do you care?
Do you understand how government agencies in America use and abuse their power?

With Obamacare and Privacy such huge issues that enter the lives of all Americans, I hope many will at least watch, if not join, my journey.

Read More

03 Feb When The Government Closes Your Business

Screen shot 2014-02-03 at 10.16.25 AM
Michael J. Daugherty is interviewed on Forbes!

Here’s an excerpt:

For those unaware of the case, Daugherty is the founder of LabMD, an Atlanta-based medical testing laboratory that has been caught up in a four-year-long battle with the FTC. Days ago, the company issued a press release: Following a 4:0 vote by the FTC on January 16 to reject LabMD’s motion to dismiss an August 2013 complaint against the facility, the company announced that it has begun the process of winding down. The book documents the company’s saga. While it’s highly specific to the FTC battle, Daugherty’s experience as a founder is also a sobering story for any business owner to read.


Daugherty opened LabMD 18 years ago, in 1996. The lab operated as a small business of 20-some employees and analyzed blood, urine and tissue samples for cancer, micro-organisms and tumor markers. The nightmare began like most any misadventure in business: a company spreadsheet showed up in a research project on accidental data leakage.  Somehow, the company’s database of private client information had escaped the firewall boundary. Upon investigation, the company discovered the unwitting culprit: an employee had downloaded LimeWire, a peer-to-peer sharing program, onto a company workstation to listen to music files during work. The peer sharing protocol, of course, created the means for sensitive client data to leave the network as well.

Yes, it was a serious issue and one that required corrective action. New security measures. Stronger employee procedures. Penalties, perhaps. Even fines.

But LabMD’s nightmare had only begun. What makes the LabMD story interesting is that the company has actually never been charged with a HIPAA violation (the federal government’s privacy regulation that governs who can look at and receive an individual’s private health information.) Instead, LabMD became one of a set of companies aggressively pursued by the Federal Trade Commission (FTC) for allegations of failure to protect sensitive client information, not as a HIPAA violation, but as a “deceptive and unfair trade practice.”

To read the whole article, click on the graphic below

Screen shot 2014-02-03 at 10.16.25 AM

Read More

29 Jan LabMD Winds Down Operations – Press Release

JANUARY 28, 2014





CONTACT NAME: Elaine Smith Marshall, Empowered PR, 562-498-8450


Mike-profile-pic2(Atlanta, GA)  Citing the debilitating effects of the Federal Trade Commission’s (FTC) investigative practices and litigation, President and CEO Michael J. Daugherty announces that he has been forced to wind down operations at his Atlanta, GA, medical facility, LabMD.


The effects of this action will be felt throughout the medical community, from LabMD’s employees to the physicians and their patients who utilize the facility. Daugherty laments that LabMD will be hampered in its mission to offer the excellent medical care and reliable diagnoses it has provided to its clients for almost 20 years.


LabMD’s wind down is largely due to the FTC’s abuse of power. Following a four year investigation of LabMD, the FTC filed an administrative suit alleging LabMD’s patient information data security was an “unfair” trade practice. Absent any established or uniform data security standards; absent Congressional approval to regulate data security practices; absent a consumer victim from any alleged LabMD security breach; all without alleging that LabMD violated HIPAA privacy regulations, the FTC has spent untold taxpayer dollars investigating LabMD, destroying jobs and usurping power over patient information from the U.S. Department of Health and Human Services. That is why on November 15, 2013, Cause of Action, a government accountability group, sued the FTC on behalf of LabMD in an effort to put an end to the agency’s arbitrary and egregious use of authority in the administrative suit.


Government Health IT has stated that this is “…a dispute that could shape the future of health privacy regulation.”


Opening in 1996, LabMD specializes in analysis and diagnosis of blood, urine, and tissue specimens for cancers, micro-organisms and tumor markers. As part of the wind down, LabMD has stopped accepting new specimens for analysis; however, it will continue to meet the needs of its current clients.


Mr. Daugherty wishes to thank LabMD’s employees for their steadfast loyalty and for providing excellent professional service to over 750,000 patients, always keeping the lab’s important work at the forefront, even under the duress of the past four years of the FTC’s intrusive and damaging practices.


Michael J. Daugherty is President and CEO of LabMD and author of The Devil Inside the Beltway: The Shocking Exposé of the U.S. Government’s Surveillance and Overreach into Cybersecurity, Medicine and Small Business.

To download a copy of this document, click HERE.

Read More

28 Jan Michael J. Daugherty talks at the Heritage Foundation

Screen shot 2014-01-28 at 6.50.24 AM

The Shocking Exposé of the U.S. Government’s Surveillance and Overreach Into Cybersecurity, Medicine and Small Business

The Devil Inside the Beltway by Michael J. Daugherty

AUTHOR MICHAEL J. DAUGHERTY to speak about his book and his personal battle with the FTC.

Hosted by David Inserra, National Security and Cyber Security, Douglas and Sarah Allison Center for Foreign Policy Studies, The Heritage Foundation

Thursday, January 30, 2014 at 11:00AM, The Heritage Foundation’s Lehrman Auditorium

RSVP here or call (202) 675-1761

Complimentary copies of the book will be provided by the author and publisher and will be available to be signed. Members of the media are invited to a private on-site reception with Mr. Daugherty immediately following the presentation.

Those who cannot attend are invited to watch online at and follow the discussion on Twitter at #overreach14.


Read More

07 Nov LabMD Slams ‘Oppressive’ FTC Subpoenas in Data Breach Row

Screen shot 2013-11-07 at 7.20.51 AMLaw360, New York (November 06, 2013, 1:33 PM ET) — LabMD Inc. on Tuesday slammed the Federal Trade Commission over some three dozen third-party subpoenas it has issued in its ongoing investigation of alleged security breaches at the cancer diagnosis firm that the agency claims exposed the private medical information of thousands of consumers.

LabMD characterized the FTC’s move, which it said follows after years of discovery during which the firm has already submitted over 5,000 pages of documents since 2010, as an undermining tactic meant to harm its reputation and sap its financial resources, according to its motion for protective order filed Tuesday to an FTC administrative law judge.

The Atlanta-based company is represented by the Washington-based nonprofit Cause of Action, whose website says it “fights to protect economic opportunity when federal regulations … threaten it,” and which on Tuesday reiterated its challenge to the FTC’s authority to regulate data security practices.

“From the outset of the FTC’s investigation, the commission has exerted authority it does not have to punish a business that has done nothing wrong,” said COA Executive Director Dan Epstein.  “COA has taken up this fight because the commission is abusing its power and destroying a small business, and it must be held accountable for demonstrations such as these burdensome subpoenas.”

The group identifies itself as nonpartisan, but Epstein, who founded the group in 2011, has in the past worked for billionaire libertarian Charles G. Koch’s foundation, which has funded various economic freedom nonprofits. A COA spokeswoman on Tuesday declined to identify its donors, citing privacy concerns.

The FTC brought its suit in August over an alleged data breach when Internet security firm Tiversa Holding Corp. took  a LabMD patient information file and gave it to the FTC after LabMD turned down a business pitch by Tiversa, according to LabMD’s motion.

The FTC has claimed that that LabMD exposed the information of roughly 10,000 consumers in two instances: once when the billing information for thousands of consumers was found on a file-sharing network, and again when LabMD documents containing the private information of some 500 consumers were stolen by identity thieves, according to the agency.

LabMD, whose data security practices are regulated by the U.S. Department of Health and Human services, argues that HHS has never accused it of violating any such security requirements and that the FTC is merely retaliating for LabMD CEO Michael Daugherty’s scathing manifesto against the agency in his new book, “The Devil Inside the Beltway.”

“Nothing else explains why the FTC would issue more than 35 subpoenas at issue here,” LabMD said in its motion. “Instead of standing on the strength (or lack thereof) of its complaint, the FTC seeks to crush LabMD by using its vast resources to harass through abusive discovery tactics.”

LabMD is represented by Reed Rubinstein of Dinsmore & Shohl LLP and Michael D. Pepson of Cause of Action.

The case is In the Matter of LabMD Inc., docket number 9357, before the Federal Trade Commission.

Read More

06 Nov LabMD Files Motion for Protective Order to Quash FTC’s Burdensome and Oppressive Subpoenas

FOR IMMEDIATE RELEASEScreen shot 2013-11-06 at 8.39.52 PM

CONTACT: Kevin Schmidt, 202-499-2414


LabMD Files Motion for Protective Order to Quash FTC’s Burdensome and Oppressive Subpoenas

Already overstepping its enforcement authority, FTC issues 35 subpoenas for 23 simultaneous depositions

WASHINGTON – Cause of Action (CoA), a government accountability organization, filed a Motion for Protective Order before an Administrative Law Judge on behalf of LabMD seeking to quash 35 subpoenas served by the Federal Trade Commission (FTC) in a single day. The subpoenas are burdensome, oppressive and are consistent with the Commission’s plain goal of forcing LabMD into submission by exhausting the small Atlanta-based cancer diagnosis company’s resources.

CoA is defending LabMD against a complaint brought by the FTC based, in part, on allegations that a third party was able to obtain data from LabMD’s computers through the peer-to-peer (P2P) file sharing program LimeWire. The FTC has attacked LabMD without publishing any data-security regulations or standards and with the knowledge that LabMD’s data security practices are regulated by the Department of Health and Human Services (HHS).  HHS has never suggested that LabMD has violated any patient information data-security regulations or requirements.

In September, CoA filed pleadings challenging the FTC’s statutory authority to regulate patient information data-security practices as “unfair acts or practices” under Section 5 of the FTC Act and denying the Commission’s claim that  LabMD supposedly failed to provide reasonable and appropriate security for personal information on its computer networks.

“From the outset of the FTC’s investigation, the Commission has exerted authority it does not have to punish a business that has done nothing wrong,” said CoA Executive Director Dan Epstein.  “CoA has taken up this fight because the Commission is abusing its power and destroying a small business, and it must be held accountable for demonstrations such as these burdensome subpoenas.”

“No court has ever said that Section 5 authorizes the FTC to regulate patient information data-security practices, or any other data-security practices, for that matter,” explained CoA Senior VP of Litigation Reed Rubinstein.  “Despite the Commission’s repeated requests, Congress has refused to confer upon the FTC jurisdiction over such data-security cases.  Therefore, in an end-run around both the courts and the Congress, the Commission illegally abuses and burdens individual businesses like LabMD.”

CoA asserts in LabMD’s Motion for Protective Order that essentially, the FTC is flexing its “muscles” in retaliation for LabMD’s [public criticism]. No other reason explains why the FTC would issue 35 subpoenas to obtain information it already has. Instead of venerably standing on the strength (or lack thereof) of its Complaint, the FTC, is utilizing the vast resources at its disposal to harass LabMD and its clients. It is demanding irrelevant, costly, unnecessary, and duplicative information in an attempt to crush LabMD and its viability as a business.

The FTC’s bullying tactics include:

  • Conducting a multi-year “civil investigation” requiring LabMD to produce thousands of documents and its principals to submit to multiple examinations by government lawyers all unsupported by any concrete allegation of wrongdoing.  Complying with the FTC’s demands has cost LabMD hundreds of thousands of dollars as well as thousands of hours of management and employee time.
  • Forcing LabMD into an administrative hearing in which the Commission itself makes the “law,” prosecutes the “violations” and then determines the “verdict.”
  • Using abusive tactics that would not be tolerated by any federal court.  For example, the FTC served 35 subpoenas on third parties around the country demanding at least 23 depositions to take place simultaneously.  For LabMD to comply with the FTC’s oppressive subpoenas, LabMD would have to hire more than 23 attorneys and pay for their transportation to appear at depositions in California, Georgia, Pennsylvania and Florida, etc.

Given the FTC’s lack of jurisdiction to even bring such a data-security action against LabMD, it makes it abusive practices all the more egregious:

  • Notwithstanding the FTC’s repeated requests that Congress confer upon it the authority to regulate data-security, Congress has refused to do so.
  • In a 2000 report to Congress, Privacy Online: Fair Information Practices in the Electronic Marketplace: A Report to Congress, for example, the FTC admitted that it “lacks the authority to require firms to adopt information practice policies” and requested that Congress enact legislation providing a federal agency with the authority to regulate data security.  Notwithstanding the FTC’s pleas, Congress has not seen fit to expand the FTC’s jurisdiction.
  • The FTC cannot rely on any statutory precedent for the proposition that the FTC has authority to regulate data-security practices under Section 5 of the FTC Act.
  • Federal District Judge William Duffy recently noted, “There is significant merit to [LabMD’s] argument that Section 5 [of the Federal Trade Commission Act] does not justify an [FTC] investigation into data security practices and consumer privacy issues….”
  • Even assuming, arguendo, that the FTC did have jurisdiction over its asserted claims against LabMD because the Commission has not promulgated any rules, regulations, or other binding guidelines establishing the data-security practices with which it expects compliance, this enforcement action against LabMD violates due process requirements guaranteed and protected by the Fifth Amendment to the U.S. Constitution.

The FTC complaint can be found here, CoA’s answer on behalf of LabMD can be found here, and the Motion for Protective Order can be found here.

About Cause of Action:

Cause of Action is a non-profit, nonpartisan government accountability organization that fights to protect economic opportunity when federal regulations, spending and cronyism threaten it. For more information, visit

About LabMD:

LabMD is a cancer detection facility that specializes in analysis and diagnosis of blood, urine, and tissue specimens for cancers, micro-organisms and tumor markers. You can find out more about their battle with the FTC here.

To schedule an interview with Cause of Action’s Executive Director Dan Epstein, contact Mary Beth Hutchins, or Kevin Schmidt,



Read More
Michael Daugherty at the Chris Evert Tennis Classic

04 Oct Michael J. Daugherty to Participate in 2013 Chris Evert Celebrity Pro-Am

Come join Michael at the Chris Evert Celebrity Tennis Classic hosted at the Delray Beach Tennis Center and Boca Raton Resort and Club in Delray, Flordia this year! The Pro-Am boasts an all-star roster that includes: Chris Evert, Kristin Chenoweth, John Lovitz, Alan Thicke, Gavin Rossdale, Scott Foley and many more. All proceeds go to charity to help drug and child abuse in Florida.

The event takes place November 15 – 17, 2013. For more information, please visit

If you enjoyed reading this article, sign up for my newsletter and follow me on:

Facebook |  Twitter  |   Google+  |  Pinterest  |   LinkedIn

The Devil Inside the Beltway can be purchased:

Amazon  |   Kobo  |   B&N   

Read More