Six U.S. businesses have agreed to settle Federal Trade Commission charges that they deceived consumers by falsely claiming they were abiding by an international privacy framework that provides a means for U.S. companies to transfer data from the European Union to the United States in keeping with EU and U.S. law.
According to six separate complaints filed by the FTC, the six companies deceptively claimed they held current certifications under the EU/U.S. Safe Harbor framework. The framework is a voluntary program administered by the U.S. Department of Commerce in consultation with the European Commission. To participate, a company must self-certify annually to the Department of Commerce that it complies with a defined set of privacy principles.
The FTC complaints charge World Innovators, Inc.; ExpatEdge Partners LLC; Onyx Graphics, Inc.; Directors Desk LLC; Collectify LLC; and Progressive Gaitways LLC with representing that they held current certifications to the Safe Harbor program, even though the companies had allowed their certifications to lapse.
Under the proposed settlement agreements, which are subject to public comment, the companies are prohibited from misrepresenting the extent to which they participate in any privacy, security, or other compliance program sponsored by a government or any third party.
Consumers who want to know whether a U.S. company is a participant in the Safe Harbor program can go to http://export.gov/safeharbor to see if the company holds a current self-certification.
The proposed settlements do not include any monetary penalties nor any admission of guilt, but would require compliance monitoring for 20 years.