By Matt Klinger
In late January, the Federal Trade Commission (FTC) announced settlements with three professional football
teams, a large internet service provider, and eight other companies over
charges they falsely claimed compliance with a framework that allows the
transfer of personal data from the European Union to the United States.
To comply with the
framework, known as Safe Harbor, an organization must annually self-certify to
the U.S Department of Commerce that it meets certain privacy protection
requirements. But organizations that let their certification lapse, as
some in the settlement agreement did, can no longer claim compliance.
Some observers question whether the announcement is an effort to
mollify E.U. officials who have recently questioned the effectiveness of Safe
Harbor. No matter the impetus, the FTC has made its commitment to
enforcing Safe Harbor clear, and certified organizations should remain vigilant
about their status.
0 comments:
Post a Comment