The Federal Trade Commission has settled with three companies over charges they had falsely claimed they were participating in the E.U.-U.S. Privacy Shield Framework, which was struck to protect cross-border data flows.
It is the first FTC action related to the shield.
The FTC alleged that the companies, software company Decusoft, printer Tru Communications, and real estate leasing company MD7, had failed to complete the Privacy Shield certification process.
As part of the agreement, the companies "are prohibited from misrepresenting the extent to which they participate in any privacy or data security program sponsored by the government or any self-regulatory or standard-setting organization and must comply with FTC reporting requirements."
The FTC can't levy fines on a first offense, but can if the agreement is violated. The public will have 30 days to comment on the settlement before the FTC makes it final.
Related: LeBlanc Tapped As Privacy Shield Arbitrator
The privacy shield replaces the safe harbor agreement that a European Union court invalidated in October 2015 over concerns about the U.S. being able to hold up its end of the agreement given the government surveillance revealed by the Edward Snowden leaks. The voluntary framework requires companies to provide notice of what personal information is being collected and stored, the purposes it is used for, and an "opt out" mechanism.
(Photo via Jeff Kubina's Flickr. Image taken on June 20, 2017 and used per Creative Commons 2.0 license. The photo was cropped to fit 16x9 aspect ratio.)
The smarter way to stay on top of broadcasting and cable industry. Sign up below.
Thank you for signing up to Broadcasting & Cable. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.