Four companies just entered into proposed agreements with the FTC to settle charges that they made misrepresentations about their participation in the EU-U.S. Privacy Shield. The cases reflect the FTC’s continuing commitment to enforcing the framework. Two of the complaints also focus on a Privacy Shield obligation that may be worth more of your company’s attention.
Blog Posts Tagged with Privacy Shield
A proposed FTC settlement with California-based employee training company ReadyTech Corporation reminds businesses that if you make claims about EU-U.S. Privacy Shield participation, you have an obligation to live up to those promises. The case also serves as further confirmation of the FTC’s commitment to the framework.
The EU-U.S. Privacy Shield Framework has been in place for more than a year and the Swiss-U.S. Privacy Shield went into effect in April 2017. Self-certification programs like Privacy Shield offer benefits to business and protections for consumers. The FTC enforces the promises companies make when they join the frameworks, as well as false claims of participation.
Commercial cross-border data flows continue to grow in our internet-enabled economy. These data flows, often involving personal data, support innovative new business services and consumer products. At the same time, they raise questions of how to protect privacy across borders. Various mechanisms help both businesses and consumers with this challenge. One in which the FTC plays a key role is the EU-U.S. Privacy Shield.
The privacy framework for transatlantic exchanges of personal data between the EU and the United States has been in the headlines lately. But are you and your clients staying on top of your obligations on the Pacific side? If your company certifies its compliance with the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules, a proposed FTC settlement with Very Incognito Technologies serves as a reminder to honor those promises.
At the Federal Trade Commission, we’ve been very public about how we feel about privacy: we want consumers to enjoy the benefits of innovation in the marketplace, confident that their personal information – online and offline – is being handled responsibly.
An app developer, a medical waste company, a skateboard event sponsor, a stock car racing school, and a bagel purveyor. That’s either the strangest answer to a Jeopardy! question – or a partial list of companies that just settled FTC charges that they falsely claimed they were certified members of the U.S.-EU or U.S.-Swiss Safe Harbor Framework.
Does your company participate in the U.S.-EU Safe Harbor Framework? It’s a voluntary international privacy program administered by the Department of Commerce that lets companies transfer data from the EU to the U.S. in compliance with EU law. Of course, data security and privacy are everyday obligations for companies, but are you honoring one particular once-a-year provision? And what about promises you make regarding how you resolve consumer disputes?
If your company transfers consumer data from the European Union to the U.S., you’ll want to know about the U.S.-EU Safe Harbor Program, a voluntary international privacy framework that lets companies transfer data from the EU to the U.S. in a way that complies with EU law.