Search Results for ‘labmd’

For LabMD, the consolation of a big win in court

Readers who watched the Cato forum last November on prosecutorial fallibility and accountability, or my coverage at Overlawyered, may recall the story of how a Federal Trade Commission enforcement action devastated a thriving company, LabMD, following a push from a spurned vendor. Company founder and president Mike Daugherty, who took part on the Cato panel, wrote a book about the episode entitled The Devil Inside the Beltway: The Shocking Exposé of the U.S. Government’s Surveillance and Overreach into Cybersecurity, Medicine and Small Business.

Last month two separate federal appeals courts issued rulings offering, when combined, some consolation for Daugherty and his now-shuttered company. True, a panel of the D.C. Circuit Court of Appeals, finding qualified immunity, disallowed the company’s claims that FTC staffers had violated its constitutional rights by acting in conscious retaliation for its criticism of the agency. On the other hand, an Eleventh Circuit panel sided with the company and (quoting TechFreedom) “decisively rejected the FTC’s use of broad, vague consent decrees, ruling that the Commission may only bar specific practices, and cannot require a company ‘to overhaul and replace its data-security program to meet an indeterminable standard of reasonableness.’” [More on the ruling here and here]

As usual, John Kenneth Ross’s coverage at the Institute for Justice’s Short Circuit newsletter is worth reading, both descriptions appearing in the same roundup since they were decided in such quick succession:

Allegation: Days after LabMD, a cancer-screening lab, publicly criticized the FTC’s yearslong investigation into a 2008 data breach at the lab, FTC staff recommend prosecuting the lab. Two staffers falsely represent to their superiors that sensitive patient data spread across the internet. (It hadn’t.) The FTC prosecutes; the lab lays off all workers and ceases operations. District court: Could be the staffers were unconstitutionally retaliating for the criticism. D.C. Circuit: Reversed. Qualified immunity. (Click here for some long-form journalism on the case.)…

Contrary to company policy, a billing manager at LabMD—a cancer-screening lab—installs music-sharing application on her work computer; a file containing patient data gets included in the music-sharing folder. In 2008 a cybersecurity firm finds it and tells LabMD the file has spread across the internet. (Which is false.) When LabMD declines to hire the cybersecurity firm, the firm reports the breach to the FTC, which prosecutes the case before its own FTC judge. LabMD does not settle; the expense of fighting forces the company to shutter. The FTC orders LabMD to adopt “reasonably designed” cybersecurity measures. Eleventh Circuit: The FTC’s vague order is unenforceable because it doesn’t tell LabMD how to improve its cybersecurity.

Our friend Berin Szóka of TechFreedom sums it up: “The court could hardly have been more clear: the FTC has been acting unlawfully for well over a decade.” He continues by calling this “a true David and Goliath story”:

Well over sixty companies, many of them America’s biggest corporations, have simply rolled over when the FTC threatened to sue them [over data security practices]. … Only Mike Daugherty, the entrepreneur who started and ran LabMD, had the temerity to see this case through all the way to a federal court. …After losing his business and a decade of his life, Daugherty is a hero to anyone who’s ever gotten the short end of the regulatory stick.

[cross-posted from Cato at Liberty]

Watch today: when prosecutors go wrong

Live today (Tuesday) at 4 Eastern, and watchable online, a Cato forum with three authors of books on runaway prosecution: Rob Cary, partner at Williams & Connolly, and author of Not Guilty: The Unlawful Prosecution of U.S. Senator Ted Stevens; Howard Root, Former CEO, Vascular Solutions, and author of Cardiac Arrest: Five Heart-Stopping Years as a CEO on the Feds’ Hit-List; and Michael J. Daugherty, founder and president, LabMD, and author of The Devil Inside the Beltway: The Shocking Exposé of the U.S. Government’s Surveillance and Overreach into Cybersecurity, Medicine and Small Business; moderated by Clark Neily, Vice President for Criminal Justice, Cato Institute. More details:

Prosecutors and other government lawyers who enforce our nation’s laws wield vast power and exercise tremendous discretion with little oversight or accountability. For example, more than 95 percent of criminal convictions are now obtained through plea bargaining instead of jury trials. As a result, citizen participation in our criminal justice system has effectively been eliminated and with it much of the oversight that the Constitution’s framers intended. Even when cases do go to trial, it is possible — and, some have argued, disturbingly common — for prosecutors to further tilt the playing field in their favor by failing to disclose potentially exculpatory evidence, influencing witnesses with threats or inducements, and manipulating juries with improper arguments. Unfortunately, when government lawyers do commit misconduct, it is extremely rare for them to be punished or indeed even publicly identified. Finally, the U.S. Supreme Court has held that prosecutors are absolutely immune from civil lawsuits, even for willful violations of people’s rights, such as deliberately prosecuting someone they know to be innocent and suborning perjury to obtain an unjust conviction.

As a result, two important questions arise: (1) Are the existing checks on prosecutorial misconduct strong enough to ensure fairness in criminal and regulatory proceedings; and (2) are Americans well-served by our current system of near-zero accountability for prosecutors and other government lawyers? Our panelists have written powerful and often deeply shocking books about their firsthand experiences with that system and the damage it does to the cause of justice.

August 9 roundup

  • “What is the essence of a two by four?” And how did class action lawyers manage to get into the act? [Coyote, earlier]
  • Don’t: “Syracuse lawyer accused of making bomb threat to avoid court hearing” [John O’Brien, Syracuse Post-Standard]
  • Texas: “Even if you’re not the biological father, you still owe child support that accrued before the DNA test” [Fernando Alfonso III, Houston Chronicle]
  • Federalist Society podcast with Justin (Gus) Hurwitz, Michael Daugherty, and Devon Westhill on long cybersecurity battle between FTC and Daugherty’s company, LabMD [earlier]
  • Judge rejects suit by student over grade in poetry class [Sari Lesk, Milwaukee Journal-Sentinel; U. of Wisconsin-Stevens Point]
  • On Johnson Amendment (tax status of churches’ political speech) don’t expect a revolution [S.M. Chavey, Heartland, quoted]

August 17 roundup

  • Upcoming evening panel on the Olympics and aggressive trademark/copyright policing, with Jim Harper, Julian Sanchez, and me, Kat Murti moderating [at Cato, August 24]
  • “We are drowning in law.” New reform project from Philip K. Howard’s Common Good [Take-Charge.org]
  • “Extremely Rare Deadly Balloon Tragedy Leads to Familiar Calls for More Regulation” [Scott Shackford, Reason]
  • FTC, reversing its administrative law judge, asserts widened authority over data security practices in LabMD case [James Cooper, earlier here, etc.]
  • Baltimore police matters, gerrymandering, historic preservation and more in my latest Maryland roundup at Free State Notes;
  • “Shark-Attack Lawsuit Raises Interesting Questions, Like What Were You Doing in the Ocean to Begin With” [Lowering the Bar]

January 27 roundup

Buy our protective services, or we’ll rat you out to the feds

I’ve got a new post at Cato summarizing dramatic new testimony in the case (briefly noted here last year) of a laboratory company that got reported to the Federal Trade Commission for data breach — and drawn into a crushingly expensive legal battle — after it declined to buy data security services offered by a company with Homeland Security contracts. The battle has been raging for a while, with the nonprofit Washington, D.C. group Cause of Action representing LabMD and outlets like Mother Jones running coverage unsympathetic to its case.

FTC flexes its data-privacy powers

And goodbye to an Atlanta-based lab services business [Ed Hudgins, Atlas Business Rights Center] Law-enforcement-for-profit sidelight: according to owner Michael Daugherty, allegations of data insecurity at LabMD emanated from a private firm that held a Homeland Security contract to roam the web sniffing out data privacy gaps at businesses, even as it simultaneously offered those same businesses high-priced services to plug the complained-of gaps.