Congressman questions FTC breach probe amid claims of 'corporate blackmail'
House Oversight Committee questions reliability of Tiversa data used by FTC in filing complaint against LabMD
Computerworld - A U.S. House committee has called on the Federal Trade Commission's Inspector General to probe the agency's relationship with a peer-to-peer network-monitoring firm whose data is key evidence in an FTC complaint filed against LabMD.
The agency's case is dependent on claims by Tiversa that in 2008 it found a 1,718 page billing spreadsheet belonging to LabMD floating about on a public file-sharing network. Tiversa said the data included Social Security Numbers, treatment codes and insurance data on about 10,000 people.
At the time, Tiversa said the document was one of several sensitive files belonging to multiple firms it found when conducting research on the inadvertent leakage of personal health data on P2P networks.
The House Committee on Oversight and Government Reform disputes Tiversa's claims.
In a letter sent Wednesday, Committee Chairman Darrell Issa (R-Calif.) requested that FTC acting Inspector General Kelly Tshibaka investigate those claims and allegations of "corporate blackmail" against Tiversa.
In the letter, Issa said the oversight committee is investigating Tiversa and its relationships with the FTC and other federal agencies. "The Committee has received information from current and former Tiversa employees indicating a lack of truthfulness in testimony Tiversa provided to federal government entities," Issa said in the letter.
The FTC filed its complaint in August 2013, alleging that LabMD practiced deceptive and unfair trade practices for allowing a document containing sensitive health information to sit on a peer-to-peer network. The complaint was filed after a lengthy two-year discovery process.
FTC Chief administrative law judge Michael Chappell has delayed the trial due to the oversight committee's questions about the case.
Issa contends that Tiversa attempted to sell its security monitoring services to LabMD immediately after its purported discovery of the file. When LabMD refused the services, Tiversa then provided the information to the FTC, Issa said in his letter.
Though there are competing claims about who is responsible for disseminating false information, "it is now clear, however that Tiversa provided incomplete and inaccurate information to the FTC," Issa said
Issa also said the oversight committee has also learned of allegations that Tiversa, in conjunction with the FTC, created an entity called the Privacy Institute to provide information about data breaches to the agency. "If these allegations are true, such coordination between Tiversa and the FTC would call into account the LabMD enforcement action, and other FTC regulatory matters that relied on Tiversa supplied information," the letter said.
The FTC declined to comment on Issa's letter.
In an email to Computerworld, Tiversa CEO Robert Boback, denied that his company has a special relationship with the FTC.
"This is absolutely and unequivocally NOT true," Boback said. "Tiversa has never been paid by the FTC nor was a contract ever discussed in any way!"
- Software Asset Management: Pay Attention or Pay Up There is a wide range of options for managing software assets, from in-house solutions to the cloud to managed services providers. Read this...
- Are You Prepared for a Software Audit? Just the word "audit" is enough to make anyone shiver, and when it comes to a software audit, the reaction is no different....
- 2014 Gartner Magic Quadrant Report For the 7th year in a row, Riverbed is in the "Leaders" Quadrant of the 2014 Magic Quadrant for WAN Optimization Controllers. In...
- Improving Business Value of WAN Optimization Want to achieve faster ROI with WAN optimization? Read the latest IDC report and discover how you can cut IT costs without compromising...
- Live Webcast How to serve up a Grand Slam with a scalable IT Infrastructure for cloud, big data and advanced analytics Register today to attend this webcast, and see examples of how The U.S. Tennis Association, Wimbledon and U.S. Golf Association are using the...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Leveraging Flash Storage to Accelerate Oracle Real Application Clusters Join this webinar to understand the latest solid-state storage trends, the specific applications driving solid-state storage deployments and the benefits of deploying the...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to... All Gov't Legislation/Regulation White Papers | Webcasts