Skip to Content

Privacy & Data

How a Lone Conservative Firebrand Became the FTC’s Worst Nightmare

National Journal:

Fight­ing the FTC means years of ex­haust­ing and ex­pens­ive lit­ig­a­tion. The com­mis­sion doesn’t even have the au­thor­ity to im­pose fines for most vi­ol­a­tions, so a set­tle­ment usu­ally just means the com­pany has to change its be­ha­vi­or, agree to some in­de­pend­ent audits, and ride out the wave of neg­at­ive news cov­er­age. It’s an easy choice for most cor­por­ate ex­ec­ut­ives.

But Mi­chael Daugh­erty, the CEO of the At­lanta-based med­ic­al-test­ing fa­cil­ity Lab­MD, isn’t like most cor­por­ate ex­ec­ut­ives. When the FTC began in­vest­ig­at­ing his com­pany for al­legedly fail­ing to pro­tect thou­sands of sens­it­ive pa­tient re­cords, he wasn’t go­ing to just lie down.

“They had no idea who they were screw­ing with,” Daugh­erty said in an in­ter­view. He ig­nored the law­yers who urged him to strike a deal, and he vowed to stand up to the FTC, which he says is run by “pro­fes­sion­al bul­lies.”

Two and a half years after the FTC first sued Lab­MD, the leg­al battle is still ra­ging, with neither side plan­ning to back down any­time soon. And the stakes have only got­ten high­er. If Daugh­erty wins, the case could sig­ni­fic­antly curb the FTC’s au­thor­ity to sue com­pan­ies for sloppy data se­cur­ity. That would be a ma­jor blow to the fed­er­al gov­ern­ment’s ef­forts to thwart hack­ers who are in­creas­ingly steal­ing massive amounts of in­form­a­tion from banks, health in­surers, re­tail­ers, and oth­er com­pan­ies.

“I sus­pect if the FTC knew how this was go­ing to play out, they prob­ably wouldn’t have brought the case,” said Gautam Hans, a policy coun­sel for the Cen­ter for Demo­cracy and Tech­no­logy, a con­sumer-ad­vocacy group. But now that the com­mis­sion has picked the fight, there’s no turn­ing back.

Full story here.