Written By ESR News Blog Editor Thomas Ahearn

On July 2, 2018, the Federal Trade Commission (FTC) announced that a company agreed to settle charges of falsely claiming to comply with the EU-U.S. Privacy Shield framework which allows the transfer of consumer data from European Union (EU) countries to the United States (U.S.), according to an FTC press release.

“Today’s settlement demonstrates the FTC’s continuing commitment to vigorous enforcement of the Privacy Shield,” FTC Chairman Joe Simons commented in the press release. “We believe Privacy Shield is a critical tool for ensuring transatlantic data flows and protecting privacy that benefits both companies and consumers.”

According to the FTC complaint, ReadyTech Corporation falsely claimed on its website that it was “in the process of certifying that we comply with the U.S.-E.U. Privacy Shield Framework.” The company initiated an application to the U.S. Department of Commerce (DOC)  in October 2016 but did not complete all the steps.

The Department of Commerce administers the framework while the FTC enforces the promises companies make when joining the Privacy Shield. The FTC alleges in its complaint that the company’s false claim that it is in the process of certification violates the FTC Act’s prohibition against deceptive acts or practices.

As part of the settlement, ReadyTech is prohibited from misrepresenting its participation in any privacy or security program sponsored by a government or any self-regulatory or standard-setting organization, including the EU-U.S. Privacy Shield framework and the Swiss-U.S. Privacy Shield framework.

This is the FTC’s fourth case enforcing Privacy Shield and continues the FTC’s commitment to enforcing international privacy frameworks, making a total of 47 cases enforcing the Privacy Shield, the predecessor Safe Harbor framework, and the Asia Pacific Economic Cooperation (APEC) Cross Border Privacy Rules.

In September 2017, three companies agreed to settle FTC charges that they misled consumers about their participation in the EU-U.S. Privacy Shield Framework. The actions against the companies were the first cases the FTC has brought to enforce the EU-U.S. Privacy Shield framework, which launched on August 1, 2016.

ESR Has Certified Adherence with Privacy Shield Framework

Employment Screening Resources (ESR) – a global background check firm – was one of the first adopters of the Privacy Shield Framework. The DOC’s International Trade Administration (ITA) certified ESR’s adherence to the EU-U.S. Privacy Shield on August 12, 2016, and the Swiss-U.S. Privacy Shield on March 5, 2018.

NOTE: Employment Screening Resources® (ESR) does not provide or offer legal services or legal advice of any kind or nature. Any information on this website is for educational purposes only.

© 2018 Employment Screening Resources® (ESR) – Making copies or using of any part of the ESR News Blog or ESR website for any purpose other than your own personal use is prohibited unless written authorization is first obtained from ESR.