FTC Announces Settlement Over Alleged Violations Of International Safe Harbor Privacy Framework

FTC Enforcement Privacy/Cyber Risk & Data Security

On February 11, the FTC announced a settlement to resolve allegations that a children’s online entertainment company falsely claimed it was abiding by the U.S.-EU Safe Harbor international privacy framework. The FTC alleged that the company deceptively claimed through statements in its privacy policy that it held current certifications under the Safe Harbor Framework even though it had allowed its certification to lapse. The FTC did not allege that the company committed any substantive violations of the privacy principles of the Safe Harbor framework or other privacy laws. The proposed settlement agreement, which is subject to public comment, would prohibit the company from misrepresenting the extent to which it participates in any privacy or data security program sponsored by the government or any other self-regulatory or standard-setting organization. The action follows a dozen similar actions recently announced by the FTC.