Skip to main content
Skip to navigation

Regulatory Enforcement

DOJ official addresses liability concerns stemming from Uber CSO case

By Aaron Nicodemus2022-12-12T20:05:00

A Department of Justice (DOJ) official called the conviction of a former Uber Technologies chief security officer (CSO) on obstruction charges an “outlier” that should not discourage compliance officers from self-reporting violations.

In remarks made Dec. 6 at an American Bankers Association conference, Principal Associate Deputy Attorney General Marshall Miller said the agency’s pursuit of obstruction and concealment charges against former Uber CSO Joseph Sullivan “stemmed from an extreme set of actions that represent an acute outlier from regular compliance practice.”

Some in the compliance and cybersecurity community expressed concern following the October verdict that it could set a new standard for individual liability regarding company data breaches. Miller acknowledged this during his remarks.

THIS IS MEMBERS-ONLY CONTENT

cw-membership

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

Related articles

News Brief
Ex-Uber security chief avoids prison in obstruction case

2023-05-05T17:31:00Z By Aaron Nicodemus

The former chief security officer of Uber Technologies was sentenced to probation by a federal court judge as punishment for his involvement in covering up a 2016 data breach that affected 57 million users.
Premium
Study: Healthcare overtakes finance as most breached industry in 2022

2023-01-31T21:06:00Z By Jeff Dale

Healthcare organizations were under attack more than ever by cybercriminals in 2022, overtaking finance as the most breached industry, according to the latest analysis from Kroll.
Article
Uber CSO ruling fallout: Individual liability extends to data breach response

2022-10-20T15:07:00Z By Aaron Nicodemus

The case of the Uber chief security officer found guilty by a jury on two felonies for covering up a data breach and misleading federal regulators opens up another potential individual liability issue executives handling cyber incidents face, according to legal experts.

More from Regulatory Enforcement

Article
FTC suit against Uber gains traction with 21 states and DC joining in

2025-12-18T18:28:00Z By Adrianne Appel

The Federal Trade Commission allegations against Uber, alleging deceptive billing and subscription cancellations, have snowballed, with 21 states and the District of Columbia joining the lawsuit.
Article
Top Ethics and Compliance Failures of 2025

2025-12-17T20:09:00Z By Adrianne Appel

The 2025 year has been so rich with compliance stinkers, and rife with poor judgment, compliance missteps, outright malfeasance and greed, greed, greed, that it was almost impossible to choose just six epic compliance failures from this year’s massive poop pile.
Article
FATF focus on criminal asset recovery points to a more investigatory role for compliance

2025-12-11T21:18:00Z By Ruth Prickett

Global organised crime is booming, and only 1 to 2 percent of the $4 trillion black economy is intercepted, according to figures from the Financial Action Task Force. Its new guidance suggests that countries should focus on rapid investigations, collaborative intelligence gathering, and confiscating the proceeds of criminal activity.