Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

Software trainer settles with FTC over EU privacy claims

Reprints
Software trainer settles with FTC over EU privacy claims

An Oakland, California-based online software training company has reached a settlement with the Federal Trade Commission for allegedly falsely claiming on its website that it was in the process of certifying its compliance with the EU-U.S. Privacy Shield Framework, although it will not have to pay any fines under the agreement, according to the FTC.

The framework establishes a process to allow companies to transfer consumer data from European Union countries to the United States in compliance with European Union law, the FTC said Monday in a statement.

In July 2016, the European Commission deemed the EU-U.S. Privacy Shield Framework adequate to enable data transfers under EU law, according to the International Trade Administration, whose website is managed by the U.S. Department of Commerce.

Observers also have said that the Privacy Shield permits U.S. companies to comply with requirements regarding the transfer of data out of the European Union under the EU’s General Data Privacy Regulation, which took effect May 25. 

The FTC said in Monday’s statement that while Oakland, California-based ReadyTech Corp. initiated an application to the U.S. Commerce Department in October 2016, it did not complete the steps necessary to participate in the Privacy Shield framework. It said the company’s false claim that it is in the process of certification violates the FTC Act’s prohibition against deceptive acts or practices.

The FTC said as part of the settlement ReadyTech is prohibited from misrepresenting its participation in any privacy or security program sponsored by a government or any self-regulatory or standard-setting organization and must comply with standard reporting and compliance requirements.

“Today’s settlement demonstrates the FTC’s continuing commitment to vigorous enforcement of the Privacy Shield,” FTC Chairman Joe Simons said in the statement. “We believe Privacy Shield is a critical tool for ensuring transatlantic data flows and protecting privacy that benefits both companies and consumers.”

A ReadyTech spokesman could not be reached for comment.

The commission voted 5-0 to issue the administrative complaint in the case. The agreement will be subject to public comment through Aug. 1, after which the commission will decide whether to make the proposed consent order final. Each violation of such an order may result in a civil penalty of up to $41,484, said the FTC.

The FTC said this is the fourth case enforcing Privacy Shield, and there have been a total of 47 cases enforcing it as well as the predecessor Safe Harbor frameworks and the Asia Pacific Economic Cooperation Cross Border Privacy Rules framework.

 

 

Read Next

  • Security claims expected to surge with GDPR: AIG report

    A surge in data breach and other security failure claims can be expected when the European Union’s General Data Protection Regulation takes effect Friday, says American International Group Inc. in a report issued Thursday.