Commercial Litigation Update

On August 22, 2024, the United States Department of Justice (“DOJ”) filed a complaint-in-intervention in a whistleblower lawsuit brought against Georgia Institute of Technology (“Georgia Tech”) and Georgia Tech Research Corporation (“GTRC”) asserting claims under the False Claims Act (“FCA”) and federal common law based on allegations that Georgia Tech and GTRC failed to meet cybersecurity requirements mandated by U.S. Department of Defense (“DoD”) contracts and DoD regulations.

In United States ex rel. Craig v. Georgia Tech Research Corp, et al., which is pending in the United States District Court for the Northern District of Georgia, the DOJ alleges that, from as early as May 2019, Georgia Tech and GTRC, an affiliate of Georgia Tech that contracts with government agencies for work to be performed at Georgia Tech, failed to enforce cybersecurity regulations in order to allegedly “accommodate ‘researchers [who were] pushing back’ on cybersecurity compliance because they found it burdensome.” The complaint-in-intervention further alleges that, until at least February 2020, “Georgia Tech failed to enforce basic cybersecurity at the Astrolavos Lab” despite the lab possessing “nonpublic and sensitive DoD information.” It is also alleged that, even after Astrolavos Lab implemented a system security plan, Georgia Tech and GTRC “failed to: (1) assess the system on which the Astrolavos Lab processed, stored or transmitted sensitive DoD data using DoD’s prescribed assessment methodology; and (2) provide to DoD an accurate summary level score for Astrolavos Lab to demonstrate the state of the lab’s compliance with applicable cybersecurity regulations.” The submission of a summary level score is a “condition of contract” for most DoD contracts.

The widespread availability of Artificial Intelligence (AI) tools has enabled the growing use of “deepfakes,” whereby the human voice and likeness can be replicated seamlessly such that impersonations are impossible to detect with the naked eye (or ear). These deepfakes pose substantial new risks for commercial organizations. For example, deepfakes can threaten an organization’s brand, impersonate leaders and financial officers, and enable access to networks, communications, and sensitive information.

In 2023, the National Security Agency (NSA), Federal Bureau of Investigations (FBI), and Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Information Sheet (the “Joint CSI”) entitled “Contextualizing Deepfake Threats to Organizations,” which outlines the risks to organizations posed by deepfakes and recommends steps that organizations, including national critical infrastructure companies (such as financial services, energy, healthcare and manufacturing organizations), can take to protect themselves. Loosely defining deepfakes as “multimedia that have either been created (fully synthetic) or edited (partially synthetic) using some form of machine/deep learning (artificial intelligence),” the Joint CSI cautioned that the “market is now flooded with free, easily accessible tools” such that “fakes can be produced in a fraction of the time with limited or no technical expertise.” Thus, deepfake perpetrators could be mere amateur mischief makers or savvy, experienced cybercriminals. 

Since the pandemic, COVID-19-related fraud has been a consistent target of the Department of Justice. The creation of the DOJ’s COVID-19 Enforcement Task Force in May 2021 marked the start of DOJ’s commitment to combatting COVID-19-related fraud. Since then, according to the Task Force’s 2024 Report, published in April of this year, the Task Force has charged over 3,500 defendants with federal crimes related to Covid-19 fraud, recovered more than $1.4 billion in stolen funds and reached over 400 civil settlements and judgments.

Most of these matters involved unemployment insurance (“UI”) benefits fraud, Paycheck Protection Program fraud (“PPP”), and Economic Injury Disaster Loan (“EIDL”) fraud , but other types of CARES Act fraud and health care fraud related to the COVID-19 pandemic were also charged. The quantum of fraud losses associated with these cases was reported to be over $2.1 billion.

Most recently, on August 8, 2024, the DOJ issued  a press release announcing that West Coast Dental Administrative Services LLC, operating a network of dental offices in Southern California, along with its founders and former owners, agreed to pay $6.3 million to resolve allegations that they knowingly violated the False Claims Act (“FCA”) in connection with seven improper loans that the company and its affiliated dental offices received under the PPP. Additionally, an unrelated real estate holdings company owned by one of the founders agreed to pay an additional $35,149.82 to resolve its potential liability under the FCA in connection with a separate PPP loan.

On June 27, 2024, the U.S. Department of Justice (“DOJ”) and the U.S. Department of Health and Human Services, Office of Inspector General (“HHS-OIG”), along with other federal and state law enforcement partners, announced the annual National Health Care Fraud Enforcement Action using criminal enforcement to target a wide variety of alleged health care fraud schemes.

What Has Stayed the Same and What Has Changed?

Similar to last year’s all-encompassing “takedown,” this year’s enforcement action charged defendants with schemes related to telemedicine and laboratory fraud; diversion of controlled substances (HIV medications and prescription stimulants); addiction treatment schemes; opioids and other familiar types of health care fraud (such as home health, DME and kickbacks).  However, the “headline” this year was a $900 million case in Arizona involving medically unnecessary amniotic wound grafts.

The 2024 enforcement action charged 193 defendants who allegedly have committed over $2.75 billion in fraud. The cases were brought by 32 different U.S. Attorneys’ Offices and 11 State Attorney Generals’ Offices. Although the dollar figure at issue is slightly higher than the 2023 enforcement action, the number of defendants is strikingly higher, with almost two and a half times as many defendants charged. Similarly, the cases were brought in almost twice as many federal districts as last year, suggesting that the Fraud Section is building more partnerships with U.S. Attorney’s Offices nationwide.  

New episode of our podcast, Speaking of Litigation:  FBI! Open up! Is your organization prepared to handle a government investigation?

Guilty or not, having a preparedness plan in place for when a government agency comes knocking is just as important as conducting a company fire drill.

In this episode of Speaking of Litigation, Epstein Becker Green litigators Alkida Kacani, George Breen, and Eric Moran discuss a few of the most common (and invasive) legal maneuvers government investigators may take when approaching a company or its employees.

When dealing with civil ...

On June 28, 2023, the U.S. Department of Justice (“DOJ”) and the U.S. Department of Health and Human Services, Office of Inspector General (“HHS-OIG”), along with other federal and state law enforcement partners, announced a nationwide health care fraud enforcement action targeting a variety of alleged health care fraud schemes. As has been the case over the last few years, DOJ and HHS-OIG have moved away from categorizing the enforcement action as a “takedown”. The government has not explained the naming change, but one explanation is that it is no longer properly considered a true “takedown” because the enforcement activity (charges, arrests) occurs over many weeks leading up to the day it is announced.  

In September 2020, the U.S. Department of Justice (“DOJ”) and the U.S. Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”) announced its annual healthcare-related “takedown.” The takedown, which involved enforcement actions that actually occurred over numerous months preceding the press event (and as such, the reference to a “takedown” is a misnomer”) targeted alleged schemes that related to opioid distribution, substance abuse treatment facilities (“sober homes”), and telehealth providers, the latter of ...

We are pleased to present Commercial Litigation Update, the newest blog from law firm Epstein Becker Green (EBG), which will offer engaging content about emerging trends and important developments in commercial and business litigation.

Commercial Litigation Update will feature thought leadership from EBG litigation attorneys and provide insightful and practical commentary and analysis on a wide range of timely litigation issues that affect businesses. Areas of interest will include trends and developments in antitrust, contract, defamation and product disparagement ...

On August 20, 2019, the Securities and Exchange Commission (“SEC”) charged Mosaic Capital, LLC, formerly known as AOC Securities, LLC (“AOC”), and its CEO with failing to adequately supervise an employee who engaged in securities fraud. Pursuant to the SEC Orders, AOC and its CEO were ordered to pay penalties of $250,000 and $40,000, respectively. The SEC’s actions serve as a reminder to broker-dealers—and members of firm management—of the potential for liability based on the actions of a self-dealing employee, and the need to guard against such activities.

The ...