WASHINGTON –House Oversight and Government Reform Committee Chairman Darrell Issa, R-Calif., sent a letter to Federal Trade Commission’s (FTC) Acting Inspector General Kelly Tshibaka last night requesting that the IG’s office investigate the FTC’s relationship with Tiversa, Inc. The Committee has substantial concerns about the reliability of the information Tiversa provided to the FTC and the relationship between the FTC and Tiversa.
In 2008, Tiversa allegedly discovered a document pertaining to LabMD, Inc. containing the personal information of thousands of patients on a peer-to-peer network. Tiversa contacted LabMD in May 2008, explaining that it believed it had identified a data breach at the company and offering “remediation” services through a professional services agreement. LabMD did not accept Tiversa’s offer because LabMD believed it had contained and resolved the data breach. Tiversa, through an entity known as the Privacy Institute, later provided the FTC with a document it created that included information about LabMD, among other companies. Tiversa allegedly provided information to the FTC about companies that refused to buy its services. In the case of LabMD, after Tiversa provided information to the FTC, the Commission sought an enforcement action against the company under its Section 5 authority related to deceptive and unfair trade practices. New information has surfaced indicating that information Tiversa supplied to the FTC may have been inaccurate
“The possibility that inaccurate information played a role in the FTC’s decision to initiate enforcement actions against LabMD is a serious matter,” said Chairman Issa in today’s letter. “The FTC’s enforcement actions have resulted in serious financial difficulties for the company. Additionally, the alleged collaboration between the FTC and Tiversa, a company which has now admitted that the information it provided to federal government entities—including the FTC—may be inaccurate, creates the appearance that the FTC aided a company whose business practices allegedly involve disseminating false data about the nature of data security breaches.”
The letter continues: “Further, the Committee has received information from current and former Tiversa employees indicating a lack of truthfulness in testimony Tiversa provided to federal government entities. The Committee’s investigation is ongoing, and competing claims exist about the culpability of those responsible for the dissemination of false information. It is now clear, however, that Tiversa provided incomplete and inaccurate information to the FTC.”
Read the letter and embedded below.