Benjamin Powell, Elizabeth D'Aunno and Shannon Mercer discuss the Department of Justice’s investigation and prosecution of cybersecurity noncompliance in an article published by Law360.
Excerpt: Speaking about the U.S. Department of Justice's enforcement priorities on Sept. 12 at the American Bar Association's annual Civil False Claims Act and Qui Tam Enforcement Institute conference, the principal deputy assistant attorney general in the DOJ's Civil Division, Brian Boynton, provided important insights into the DOJ's investigation and prosecution of contractors for noncompliance with cybersecurity requirements.
Announced last October, the DOJ's Civil Cyber-Fraud Initiative seeks to hold contractors liable under the False Claims Act, or FCA, for
knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches.[1]
The DOJ has since announced two recoveries under the initiative.