Calling all Cybersecurity Whistleblowers: DOJ Wants You to Report Cyber Fraud
This October, Deputy Attorney General Lisa Monaco announced that the Department of Justice (DOJ) is launching a Civil Cyber-Fraud Initiative as part of the department’s increased focus on False Claims Act enforcement in the cybersecurity space. This initiative places whistleblowers and False Claims Act relators front-and-center as critical parts of the government’s cybersecurity strategy.
The Civil Cyber-Fraud Initiative’s main tool of the False Claims Act empowers insiders to hold individuals or companies to higher standard with regard to protecting government data. Specifically, the initiative scrutinizes individuals or companies providing services to the government that knowingly fail to report cybersecurity breaches, provide insufficient cybersecurity services, or claim to provide cybersecurity services which they in fact do not.
Centering the DOJ’s Civil Cyber-Fraud Initiative around the False Claims Act highlights the importance of whistleblowers in bringing malfeasance to the government’s attention. For reporting fraud, whistleblowers can receive 15-25% of the government’s recovery.
October is Cybersecurity Awareness Month, an initiative from the Cybersecurity Infrastructure & Security Agency, intended to increase awareness about safe digital citizenship.
The DOJ’s increased focus on cybersecurity fraud announcement also entered the news cycle around the same time as the Facebook whistleblower hearing. As quoted in a recent article about Facebook whistleblower Frances Haugen, Partner Renée Brooker notes,
“Big Tech’s attempt to silence whistleblowers are antithetical to the principles that underlie federal laws and federal whistleblower programs that seek to ferret out illegal activity. Those reporting laws include federal and state False Claims Acts, and the SEC Whistleblower Program, which typically feature whistleblower rewards and anti-retaliation provisions.
“Facebook should not be singled out as a lone actor. Big Tech needs to be held accountable and insiders can and should be encouraged to come forward and be prepared to back up their allegations with hard evidence sufficient to allow governments to conduct appropriate investigations.”
Is the False Claims Act an effective tool at fighting fraud? Yes! Per the Taxpayers Against Fraud Education Fund analysis, comparing the amount of money the government spends on fraud prosecution versus the money it has recovered from fraudsters, the rate of return on False Claims Act cases is approximately 20:1.
Goals of the DOJ’s initiative also include “ensuring that companies that follow the rules and invest in meeting cybersecurity requirements are not at a competitive disadvantage” and “improving overall cybersecurity practices that will benefit the government, private users, and the general public.” Reporting cyber fraud, and thereby improving cybersecurity, benefits all users.