False Claims Act case based on DoD's cybersecurity regulations survives motion to dismiss | Georgia Tech Procurement Assistance Center

In the summer of 2015, we cautioned that the Department of Defense’s (DoD’s) new cybersecurity regulations could be used offensively to support False Claims Act (FCA) cases and bid protests. Four years later, those premonitions have unfortunately come true. Recently, a federal court refused to dismiss a relator’s implied certification FCA case in which he alleged that his employer “misrepresented … to the government the extent to which it had equipment required by the regulations, instituted required security controls, and possessed necessary firewalls” in violation of DoD’s cybersecurity regulations. United States ex rel. Markus v. Aerojet Rocketdyne Holdings, Inc., No. 2:15-cv-2245, 2019 WL 2024595, *3 (E.D. Cal. May 8, 2019).

By way of background, the False Claims Act imposes civil and potentially criminal liability on anyone who knowingly presents a false or fraudulent claim for payment to the federal Government, or knowingly makes, uses or causes to be made or used, a false record or statement material to a false or fraudulent claim. 31 U.S.C. § 3729(a)(1)(A) & (B). The FCA permits a private person, known as a relator, to bring a qui tam civil lawsuit in the name of Government against anyone who violates the Act. Civil remedies can include up to three times the actual damages suffered by the Government as a result of the false claim along with a civil penalty between $5,000 and $10,000 for each violation. The relator receives a share of any proceeds from the action—generally 15 to 25 percent if the Government intervenes, and 25 to 30 percent if it does not, plus attorneys’ fees and costs. The FCA also has a lengthy statute of limitations of either six years from when the fraud is committed or three years after the Government knows or should know about the material facts giving rise to the claim, whichever is later, as long as the action is filed within ten years of the alleged fraud. 31 U.S.C. § 3731(b); Cochise Consultancy, Inc. v. United States ex rel. Hunt, 587 U.S. __ (May 13, 2019) (noting “if the Government discovers the fraud on the day it occurred, it would have 6 years to bring suit, but if a relator instead discovers the fraud on the day it occurred and the Government does not discover it, the relator could have as many as 10 years to bring suit”).

Read more at: Privacy and Data Security Insight

False Claims Act case based on DoD’s cybersecurity regulations survives motion to dismiss

Contracting News

Federal contractor indicted for stealing over $1.2 million from the U.S. Postal Service

CMMC announces new advisory council to collect industry feedback

EEOC announces April 26 opening date for the collection of 2019 and 2020 EEO-1 component 1 data

Contractors line up to rebuild MARTA’s Five Points Station

GDOT announces $828.8 million in projects to transform Ga. 316

Contracting Tips

A whole new marketplace: GSA’s “commercial platforms” initiative

CRS Reports: Mentor-Protégé programs and small business size standards

CRS Report: Small businesses and COVID-19, relief and assistance resources

How do I find out what the government is buying?

Past performance isn’t always a required evaluation factor, says GAO

GTPAC News

SBA hosting “Contract Bonds and Surety Bond Guarantee” webinar April 20th

GSA hosting “Getting on the GSA Schedule” webinar April 13th

NIH hosting 2021 small business program conference April 26-30th

Defense Counterintelligence and Security Agency hosting industry day and matchmaking May 6th and 20th

Missile Defense Agency hosting virtual conference May 11-13th

Georgia Tech News

Georgia Tech creates new Office of Corporate Engagement

Delta Jacket wins 2021 Georgia Tech InVenture prize

Future of 5G is under the microscope at Georgia incubator

Collective worm and robot “blobs” protect individuals, swarm together

The Partnership for Inclusive Innovation is now accepting applications for pilot programs