Skip to main content
Menu Icon Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations
Section Content

Upcoming Events

Filter

Subscribe to our InfoBytes Blog weekly newsletter for news affecting the financial services industry.

  • FTC Approves Final Orders to Settle Allegations That Companies Misrepresented Participation in International Privacy Program

    Privacy, Cyber Risk & Data Security

    On April 14, the FTC announced  final orders against three U.S. companies, resolving allegations that the companies had falsely represented their participation in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules (APEC CBPR) system in their online privacy policies (see previous InfoBytes post). Following a 30-day public comment period, the Commission voted 2-0 to approve the final orders, which prohibit the companies from “misrepresenting their participation, membership or certification in any privacy or security program sponsored by a government or self-regulatory or standard-setting organization.” Furthermore, the Commission issued a response letter to one of the commenters stating that although the Commission is not authorized to seek civil penalties for an initial violation, upon approval of the final order, one of the companies “will be subject to civil penalties of up to $40,654 per violation per day,” as a compliance incentive and to  deter other companies from engaging in similar conduct.

    Privacy/Cyber Risk & Data Security FTC APEC CBPR

    Share page with AddThis
  • U.S. Companies Settle FTC Charges that They Deceived Consumers About International Privacy Program Participation

    Courts

    On February 22, the FTC announced that it had reached settlements with three U.S. companies over charges that the companies falsely represented their participation in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules (APEC CBPR) system in their online privacy policies. Participation requires an official review and certification, a process none of the three companies underwent according to the three complaints. The complaints alleged violations of the FTC Act due to deceptive statements made by the companies that they participated in the APEC CBPR system. The settlement terms bar the defendants from “misrepresenting their participation, membership or certification in any privacy or security program sponsored by a government or self-regulatory or standard-setting organization.”

    Courts Privacy/Cyber Risk & Data Security FTC APEC CBPR

    Share page with AddThis