The Devil Inside the Beltway is a chilling memoir that documents the shambles made of Michael Daugherty’s life by apparent regulatory overreach on the part of the Federal Trade Commission (FTC) that is still underway.
Reading Daugherty’s book is extremely painful for those who know Michael and that number is growing because to read his heartfelt words is to know him. For a first time author, Daugherty demonstrates a mastery fueled by first-hand experience and a gut wrenching conviction to fight back against all odds.
The story begins with an email out of the blue from the founder of Tiversa, Inc., a security vendor, according to Daugherty, desperately seeking validity with a peer-to-peer file sharing snooping tool they developed.
Searching through the Meta data of files shared through LimeWire software for personally identifiable information (PII) like Social Security Numbers, Tiversa said it had found evidence that just such a file existed on the desktop computer of a billing clerk at LabMD, the Atlanta-based medical testing company that Daugherty founded and still leads.
Then, according to Daugherty, Tiversa allegedly stole the file from that computer and shot off a typical hacker’s extortion email to LabMD: “Hi, we found this file, attached, and would love to help you fix your security problems.”
After refusing to deal with Tiversa, even in the wake of a veiled threat to turn the file over to the FTC, LabMD became the target of an FTC investigation.
The FTC in a release on the complaint, filed in August of this year, alleges that LabMD “failed to reasonably protect the security of consumers’ personal data, including medical information.”
The release adds: “The complaint alleges that in two separate incidents, LabMD collectively exposed the personal information of approximately 10,000 consumers. The complaint alleges that LabMD billing information for over 9,000 consumers was found on a peer-to-peer (P2P) file-sharing network and then, in 2012, LabMD documents containing sensitive personal information of at least 500 consumers were found in the hands of identity thieves.”
However, LabMD has said it is being attacked by the FTC without them publishing any data-security regulations or standards being violated and with the knowledge that LabMD’s data security practices are regulated by the Department of Health and Human Services (HHS) and that the HSS has never suggested that LabMD has violated any patient data-security regulations or requirements.
I recommend reading The Devil Inside The Beltway for the blow-by-blow account of Daugherty’s battle with a government juggernaut. At huge direct cost (over $250K) and unmeasurable damage to his business that Daugherty is still battling. The latest is 35 subpoenas for 23 simultaneous depositions issued by the FTC.
Every small business owner would do well to read this book, especially if they are considering standing up to a government agency. They may think twice, or better yet, they will be forewarned, thus better prepared to pick, fight, and win their battle. If only more businesses displayed, as Michael Daugherty has, such courage.