So you’ve received a Civil Investigative Demand (CID) from the Federal Trade Commission related to a consumer protection matter. Now what? We appreciate that it can be daunting for any company – especially a small business – and we want to be as transparent as possible about the process.
Blog Posts Tagged with Privacy Shield
The EU-U.S. Privacy Shield Framework has been in place for more than a year and the Swiss-U.S. Privacy Shield went into effect in April 2017. Self-certification programs like Privacy Shield offer benefits to business and protections for consumers. The FTC enforces the promises companies make when they join the frameworks, as well as false claims of participation.
Commercial cross-border data flows continue to grow in our internet-enabled economy. These data flows, often involving personal data, support innovative new business services and consumer products. At the same time, they raise questions of how to protect privacy across borders. Various mechanisms help both businesses and consumers with this challenge. One in which the FTC plays a key role is the EU-U.S. Privacy Shield.
The privacy framework for transatlantic exchanges of personal data between the EU and the United States has been in the headlines lately. But are you and your clients staying on top of your obligations on the Pacific side? If your company certifies its compliance with the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules, a proposed FTC settlement with Very Incognito Technologies serves as a reminder to honor those promises.
At the Federal Trade Commission, we’ve been very public about how we feel about privacy: we want consumers to enjoy the benefits of innovation in the marketplace, confident that their personal information – online and offline – is being handled responsibly.
An app developer, a medical waste company, a skateboard event sponsor, a stock car racing school, and a bagel purveyor. That’s either the strangest answer to a Jeopardy! question – or a partial list of companies that just settled FTC charges that they falsely claimed they were certified members of the U.S.-EU or U.S.-Swiss Safe Harbor Framework.
Does your company participate in the U.S.-EU Safe Harbor Framework? It’s a voluntary international privacy program administered by the Department of Commerce that lets companies transfer data from the EU to the U.S. in compliance with EU law. Of course, data security and privacy are everyday obligations for companies, but are you honoring one particular once-a-year provision? And what about promises you make regarding how you resolve consumer disputes?
If your company transfers consumer data from the European Union to the U.S., you’ll want to know about the U.S.-EU Safe Harbor Program, a voluntary international privacy framework that lets companies transfer data from the EU to the U.S. in a way that complies with EU law.