RSS Feed LinkedIn Instagram Twitter Facebook
FMG Law Blog Line

Posts Tagged ‘#DOJ’

Leaked DOJ Memo Unearths New Strategy in Qui Tam Cases

Posted on: February 13th, 2018

By: Samantha L. Skolnick

On January 10, 2018, an internal Department of Justice memorandum (the “Granston Memo”) was leaked to the public, turning heads. The Granston Memo included an in-depth analysis of the DOJ’s position on evaluating dismissals pursuant to the False Claims Act (FCA). The Granston memo outlined the DOJ’s position on FCA claims brought by whistleblowers. Under the FCA, a whistleblower may bring what is known as a “qui tam” action on behalf of the government, which potentially allows said whistleblower to receive a share of any government recovery.  The Granston memo is particularly significant, as it provides those faced with claims of False Claims Act violations with insight into the DOJ’s stance on a range of factors for dismissing these qui tam actions.

Under the FCA, the Attorney General can dismiss a whistleblower’s qui tam action, so long as the whistleblower is given the opportunity to be heard. 31 U.S.C. § 3730(c)(2)(A). Despite this provision, the DOJ noted that this dismissal option has not been actively utilized by the DOJ.  The Granston Memo specifically addresses seven enumerated circumstances where the DOJ should be considering moving to dismiss these qui tam actions:

(1) curbing meritless qui tams;

(2) preventing parasitic or opportunistic qui tam actions;

(3) preventing interference with agency policies and programs;

(4) controlling litigation brought on behalf of the United States;

(5) safeguarding classified information and national security interests;

(6) preserving governmental resources; and

(7) addressing egregious procedural errors.

Of course, the factors above are not mutually exclusive or exhaustive. The DOJ could move to dismiss these actions for multiple or other reasons.

The Granston Memo also sheds light on the increased number of whistleblower filings per year, which appears to have triggered this concern by the DOJ of the underutilized dismissal provision of the FCA. Indeed, the Granston memo mentions the possible negative consequences of the Government’s failure to use the dismissal provision, including generating adverse decisions which affect the government’s ability to enforce the FCA.

Companies or persons facing FCA claims should be particularly aware of the Granston memo, and should argue to the DOJ and/or to the whistleblower themselves that any such claim is subject to dismissal based on the seven factors above. In some circumstances where the government has decided not to intervene, the whistleblower can obtain permission and voluntarily dismiss a qui tam action.

For more information, contact Samantha Skolnick at [email protected]

DOJ Issues Guidance for Best Practices Before, During, and After a Data Breach

Posted on: May 19th, 2015

Red "SECURITY BREACH" revealed in green computer code through aBy David Cole

In response to the increasing number of data breaches around the county, and the public attention being given to them, the Department of Justice (DOJ) recently issued a guidance document intended to help organizations prepare for and respond to data breaches. The document, titled “Best Practices for Victim Response and Reporting of Cyber Incidents,” is based on the DOJ’s experience investigating and prosecuting cybercriminals. The guidelines focus primarily on the proactive and reactive measures an organization should take with respect to data breaches.

Consistent with the NIST Cybersecurity Framework, the DOJ guidance recommends that, before any data breach occurs, organizations should conduct a risk assessment to identify and prioritize critical assets, data, and services.  In addition, the guidance recommends that organizations develop a data breach response plan that has specific, concrete procedures to follow in the event of a data breach.  Once a plan is developed, organizations should test the plan with “table top” exercises, and continually update the plan to reflect changes in personnel and structure. Organizations should also ensure that they maintain necessary technology to detect and respond to data breaches.

In the event of a data breach, the guidance recommends a number of basic steps.  It advises organizations to not use compromised systems to communicate once they become aware of a potential data breach.  After making an initial assessment of the nature and scope of the incident, the guidelines also suggest that an organization minimize continuing damage to its system by taking steps such as rerouting network traffic, blocking a denial of service attack, or isolating all or part of a compromised network. The organization also should record and collect all evidence and information that it can about the unauthorized access that occurred, which may involve imaging the affected computer and retaining all logs and records of the data underlying the incident.  Finally, the guidelines suggest that an organization notify its employees, management, law enforcement (including the Department of Homeland Security), and any potential victims.

The guidelines also warn that, in the event of a cyber-attack, that organizations should not “hack back” or intrude upon the suspect’s network.  “Hacking back” may violate a number of laws, and since many intrusions are launched from compromised systems, “hacking back” can damage or impair another victim’s system. The guidance also recommends that victim organizations continue monitoring their networks after a cyber-attack for any unusual activity to make sure that any unauthorized users are really gone.  After an incident is over, the DOJ recommends a post-incident review to identify deficiencies in planning and execution of the incident response plan.

Lastly, the DOJ suggests that before, during, and after a data breach, organizations work closely with legal counsel who is experienced in handling data breaches. The use of experienced counsel ensures that an organization will receive accurate advice from counsel who is comfortable with addressing the unique and varied issues that arise from a data breach.  To review your organization’s data breach preparedness and evaluate the best ways to implement these guidelines in your organization, please contact David Cole at (770) 818-1287 or [email protected].