We use cookies to deliver our online services. Details of the cookies we use and instructions on how to disable them are set out in our Cookies Policy. By using this website you agree to our use of cookies. To close this message click close.

McDowell v. CGI Federal Inc.: A Stark Reminder to Government Contractors of Their Cybersecurity Obligations

10 October 2017

On 1 June 2017, the U.S. District Court for the District of Columbia issued a decision in a class action lawsuit, McDowell v. CGI Federal Inc., Civ. Action No. 15-1157 (GK) (D.D.C. 2017), which could have significant repercussions for government contractors operating information systems that house government information.

The case arose after employees of CGI Federal Inc. (CGI) allegedly stole personally identifiable information (PII) obtained pursuant to a contract with the U.S. Department of State. Under this contract, CGI processed passport applications, which contained a significant amount of PII. The plaintiffs allege that, as part of its activities under the contract, CGI processed information on CGI-owned systems and assisted with maintaining Department of State systems. According to the filings, the contract provided that all information submitted through passport applications was U.S. Government property and required CGI to safeguard all such information.

Read More: McDowell v. CGI Federal Inc.: A Stark Reminder to Government Contractors of Their Cybersecurity Obligations

Contacts

Loading data