Close
Enter your
text here

eDiscovery Daily Blog

Home » eDiscoveryDaily » Electronic Discovery » FTC Cracks Down on Privacy Shield Posers: Data Privacy Trends

FTC Cracks Down on Privacy Shield Posers: Data Privacy Trends

Did you ever wonder what happens if a company falsely claims that they are certified compliant with either the EU-U.S. or Swiss-U.S. Privacy Shield framework?  Or falsely claims that they are in the process of being certified compliant?  Apparently, the Federal Trade Commission (FTC) gets on their case about it.

According to ACEDS (California Company Settles FTC Charges Related to Privacy Shield Participation), ReadyTech Corporation, a California company, has agreed to settle Federal Trade Commission allegations that it falsely claimed it was in the process of being certified as complying with the EU-U.S. Privacy Shield framework, which establishes a process to allow companies to transfer consumer data from European Union countries to the United States in compliance with EU law (we covered details of the framework when it was introduced over two years ago).

“Today’s settlement demonstrates the FTC’s continuing commitment to vigorous enforcement of the Privacy Shield,” FTC Chairman Joe Simons commented. “We believe Privacy Shield is a critical tool for ensuring transatlantic data flows and protecting privacy that benefits both companies and consumers.”

According to the FTC’s complaint, the Commission alleges that ReadyTech, which provides online training services, falsely claimed on its website that it is “in the process of certifying that we comply with the U.S.-E.U. Privacy Shield Framework.” While ReadyTech initiated an application to the U.S. Department of Commerce in October 2016, the company did not complete the steps necessary to participate in the Privacy Shield framework. The Department of Commerce administers the framework, while the FTC enforces the promises companies make when joining the Privacy Shield.

The FTC alleges in its complaint that the company’s false claim that it is in the process of certification violates the FTC Act’s prohibition against deceptive acts or practices.

As part of the settlement, ReadyTech is prohibited from misrepresenting its participation in any privacy or security program sponsored by a government or any self-regulatory or standard-setting organization, including but not limited to the EU-U.S. Privacy Shield framework and the Swiss-U.S. Privacy Shield framework. It also must comply with standard reporting and compliance requirements.

This is the FTC’s fourth case enforcing Privacy Shield. It continues the FTC’s commitment to enforcing international privacy frameworks, making a total of 47 cases enforcing the Privacy Shield, the predecessor Safe Harbor framework, and the Asia Pacific Economic Cooperation Cross Border Privacy Rules framework.

As you may or may not know, CloudNine is certified for both the EU-U.S. and EU-Swiss Privacy Shield Frameworks (so, yes, at CloudNine we are “certifiable”).  :o)  Periodically, you have to recertify – in fact, I just completed the recertification process for CloudNine a while back.  It’s good to know that somebody is checking up on companies to make sure that their claims of being privacy shield compliant are valid.

So, what do you think?  Is your organization privacy shield certified?  Are your providers certified?  Please share any comments you might have or if you’d like to know more about a particular topic.

P.S. — Happy Birthday, Kiley!  You’re now officially a teenager!  😮

Sponsor: This blog is sponsored by CloudNine, which is a data and legal discovery technology company with proven expertise in simplifying and automating the discovery of data for audits, investigations, and litigation. Used by legal and business customers worldwide including more than 50 of the top 250 Am Law firms and many of the world’s leading corporations, CloudNine’s eDiscovery automation software and services help customers gain insight and intelligence on electronic data.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

print




WHAT CLIENTS ARE SAYING ABOUT CLOUDNINE

Great value product.

“Offers the major features we were looking for, at a fraction of pricing of other competitors.”

I used CloudNine as part of fraud investigation for email searches.

“…The tag function made it easy to flag the search results. I was impressed with the ease of use for a first-time user. The speed and ease of loading data and being able to review it immediately is a tremendous advantage over other Cloud-based platforms.”

Excellent tool with outstanding support

“CloudNine Review is excellent, it takes the best of the (market leader) review solution and leaves out all of the fiddly bits that make that product excruciating to use. Their upload and processing is automatic, and their pricing structure is the best I’ve seen.”

Great software that is easy to log on, user-friendly, has a great layout, and is easy to navigate.

“…CloudNine is great at searching documents, including tagging, and exporting. Software tailored to our business needs and streamlined the task at hand.

Discovery Production

This software is easy to use and allows us to upload and download documents as they become ready, saving us both time and money.

Stephanie Plake, Assistant to Attorney at Law Office

READY TO SEE THE SOFTWARE IN ACTION?

Request a CloudNine demo and see how easy eDiscovery can be!

REQUEST A DEMO