On September 3, 2019, the FTC announced proposed settlements with five companies that falsely claimed to participate in the EU-US Privacy Shield framework (“Privacy Shield”). As in several past enforcement actions, most of the companies falsely claimed they participated in Privacy Shield, when in fact they had never completed the certification process. But unlike past enforcement actions, one case focused on a Privacy Shield participant’s failure to comply with the substantive requirements of the program. That case teaches some important lessons for companies that participate—or are considering participating—in the Privacy Shield.
Read the full article on Practical Privacy.