Hogan Lovells Publications | 10 October 2017

McDowell v. CGI Federal Inc.: A Stark Reminder to Government Contractors of Their Cybersecurity Obligations

On 1 June 2017, the U.S. District Court for the District of Columbia issued a decision in a class action lawsuit, McDowell v. CGI Federal Inc., Civ. Action No. 15-1157 (GK) (D.D.C. 2017), which could have significant repercussions for government contractors operating information systems that house government information.

The case arose after employees of CGI Federal Inc. (CGI) allegedly stole personally identifiable information (PII) obtained pursuant to a contract with the U.S. Department of State. Under this contract, CGI processed passport applications, which contained a significant amount of PII. The plaintiffs allege that, as part of its activities under the contract, CGI processed information on CGI-owned systems and assisted with maintaining Department of State systems. According to the filings, the contract provided that all information submitted through passport applications was U.S. Government property and required CGI to safeguard all such information.

Read More: McDowell v. CGI Federal Inc.: A Stark Reminder to Government Contractors of Their Cybersecurity Obligations


Download PDF Back To Listing

Contacts

Michael F. Mason

Michael F. Mason

Partner
Washington, D.C.

Michael J. Scheimer

Michael J. Scheimer

Partner
Washington, D.C.

Stacy Hadeka

Stacy Hadeka

Counsel
Washington, D.C.

Contact us

Related industries

Aerospace and Defense

Related practices

Government Contracts IT Law Privacy and Cybersecurity

Related areas of focus

Consumer Protection and Privacy Cybersecurity for A&D Companies
Subscribe