Below is an excerpt of a legal update co-authored with Government Enforcement + White Collar Defense Partner David E. Carney.
On June 17, the Department of Justice (DOJ) announced settlements of alleged False Claims Act (FCA) violations associated with cybersecurity requirements in contracts to provide a secure environment for online applications for federal housing assistance. Guidehouse Inc. and Nan McKay and Associates paid $7.6 million and $3.7 million, respectively, to settle the civil claims initially brought by a whistleblower under the FCA’s qui tam provisions. These settlements occurred pursuant to DOJ’s Civil Cyber-Fraud Initiative (Initiative), which leverages the FCA to impose liability upon federal contractors that, among other things, knowingly misrepresent cybersecurity policies and procedures to the federal government, and it shows that DOJ remains serious about contractor cybersecurity. (The DOJ’s announcement of the Initiative is available here.) In connection with the settlements, Principal Deputy Assistant Attorney General Brian M. Boynton, head of the DOJ’s Civil Division, said, “Federal funding frequently comes with cybersecurity obligations, and contractors and grantees must honor these commitments. The [DOJ] will continue to pursue knowing violations of material cybersecurity requirements aimed at protecting sensitive personal information.”