InfoBytes Blog
Filter
Subscribe to our InfoBytes Blog weekly newsletter and other publications for news affecting the financial services industry.
FTC Approves Final Orders to Settle Allegations That Companies Misrepresented Participation in International Privacy Program
On April 14, the FTC announced final orders against three U.S. companies, resolving allegations that the companies had falsely represented their participation in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules (APEC CBPR) system in their online privacy policies (see previous InfoBytes post). Following a 30-day public comment period, the Commission voted 2-0 to approve the final orders, which prohibit the companies from “misrepresenting their participation, membership or certification in any privacy or security program sponsored by a government or self-regulatory or standard-setting organization.” Furthermore, the Commission issued a response letter to one of the commenters stating that although the Commission is not authorized to seek civil penalties for an initial violation, upon approval of the final order, one of the companies “will be subject to civil penalties of up to $40,654 per violation per day,” as a compliance incentive and to deter other companies from engaging in similar conduct.
U.S. Companies Settle FTC Charges that They Deceived Consumers About International Privacy Program Participation
On February 22, the FTC announced that it had reached settlements with three U.S. companies over charges that the companies falsely represented their participation in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules (APEC CBPR) system in their online privacy policies. Participation requires an official review and certification, a process none of the three companies underwent according to the three complaints. The complaints alleged violations of the FTC Act due to deceptive statements made by the companies that they participated in the APEC CBPR system. The settlement terms bar the defendants from “misrepresenting their participation, membership or certification in any privacy or security program sponsored by a government or self-regulatory or standard-setting organization.”