As discussed in a previous post, the Department of Justice (DOJ) has announced a new Civil Cyber-Fraud Initiative to utilize one of the strongest tools in its toolbox—the False Claims Act—to hold entities receiving federal dollars accountable where it believes they are failing to meet their cybersecurity obligations.
The reach of the False Claims Act is extremely broad. Anyone who tells the government that they are abiding by cybersecurity standards to receive money from the government can be a potential defendant in a False Claims Act suit. These statements can come in several forms. For example, a company may say that it is abiding by industry standards or has adopted reasonable cybersecurity protocols in its bid to procure a government contract, or the company may make such a statement in the contract itself.
For example, in a case out of the Eastern District California discussed in a previous post, a former cybersecurity director for Aerojet brought a False Claims Act case alleging that the company failed to comply with its cybersecurity obligations under its Department of Defense and NASA contracts, and it continued to seek government contracts after it became aware of its noncompliance. Depending on the industry, a company might also certify through cost reports, claim submissions, securities disclosures, contracts, or other forms that it abides by applicable statutes and regulations, including applicable privacy and security...
Pakistani actress and model Ayesha Omar has strongly denied a controversial statement falsely attributed to her on social media. In recent days, a statement circulated online claiming that the act...