The Federal Trade Commission (FTC) announced – on 21 January 2014 – that 12 US businesses from a wide range of sectors, including accounting, health and pharmaceutical, data security and mobile app developers, have agreed to settle charges that they deceptively claimed to be adhering to the US-EU Safe Harbor Framework. “Enforcement of the US-EU Safe Harbor Framework is a Commission priority,” said FTC Chairwoman Edith Ramirez. “These 12 cases help ensure the integrity of the [Framework] and send the signal to companies that they cannot falsely claim participation in the program.” Damon Greer, former Director of the Safe Harbor Framework said, “I suspect, though not certain, that internal pressures mounted within the FTC and administration to take affirmative action to prove that the enforcement component of Safe Harbor has teeth.” The FTC recognised that the businesses had certified with Safe Harbor, however they were charged with deceptively representing that they held Safe Harbor certifications when in fact they had allowed these certifications to lapse, in violation of Section 5 of the FTC Act. They have entered into 20-year consent agreements with the FTC, and are prohibited from misrepresenting participation in any privacy or data security program. “Given the current attention to Safe Harbor […] I would be surprised if the FTC is not currently investigating substantive violations of Safe Harbor,” said Christopher Wolf, Partner at Hogan Lovells.
Read more
