The Federal Trade Commission has finalized a settlement with tech company Medable for falsely claiming its privacy policy was in compliance with the EU-U.S. Privacy Shield framework.
Compliance gives companies a safe harbor from which to transfer consumer's data from European countries to the U.S.
Related: FTC Cracks Down on Alleged Privacy Shield Pretenders
The FTC had alleged that the company had falsely claimed that it was a certified participant in the shield. Medable can no longer make such a misrepresentation about the shield or any other self-regulatory or standard setting body. The vote on the settlement was 5-0.
Related: EU Says Privacy Shield is Working
The privacy shield replaced the safe harbor agreement that a European Union court invalidated in October 2015 over concerns about the U.S. being able to hold up its end of the agreement given the government surveillance revealed by the Edward Snowden leaks. The voluntary framework requires companies to provide notice of what personal information is being collected and stored, the purposes it is used for, and an "opt out" mechanism.
