Not surprisingly, on August 30, 2016, LabMD filed its Application for a Stay of the Final Order of the Federal Trade Commission (FTC) pending review of the order by the appellate court. But since the matter is still pending before the FTC, the request for the stay had to be filed with the FTC, which recently ruled against LabMD [see related post]. That is an example of a conundrum within administrative law—having to go back to the enforcer to seek a stay of the enforcement action in order to seek a higher authority’s review.

It will be interesting to see if the Commission will agree to a stay while LabMD continues to fight it over its rejection of the Administrative Law Judge’s (ALJ) decision that the FTC’s claim that it had jurisdiction over LabMD’s data security practices had no merit. The ALJ found that no consumers had suffered harm from the alleged data breach, and therefore, recommended dismissal of the FTC’s enforcement action against LabMD. The ALJ also found that the expert reports and testimony submitted by the FTC relied on false testimony and were based on speculation.

This saga continues, and we will be watching closely to see how the FTC reacts to the request for a stay, and how the appeal moves forward. We have been following this very interesting case for years, and it will continue to be a great case study for Privacy Law students in my class.