News Archives

Tuesday, August 2, 2016

FTC Cracks Down on False APEC CBPR Certification Claims

In mid-July, the Federal Trade Commission issued warning letters to 28 companies about apparently false claims on their websites that they were certified participants in the APEC Cross-Border Privacy Rules (CBPRs).  Only APEC-recognized Accountability Agents, such as TRUSTe, can certify that the privacy policies and practices of participating companies are compliant with the CBPR system program requirements.  The letters ask the companies to immediately remove representations claiming CBPR participation from all public documents and threaten to take legal action if a timely and satisfactory response is not received.  The identity of the companies receiving the letters was not disclosed.  

The CBPR system is a self-regulatory initiative to protect data that moves among APEC member economies through a voluntary but enforceable code of conduct implemented by participating businesses. Four APEC members are currently participating in the CBPR system:  the US, Mexico, Japan and Canada.  At present there are 16 APEC CBPR-certified companies, including Apple, Box, Cisco, HP, IBM, Merck, Workday and Ziff Davis.  The operational use and value of the certifications, apart from positive public relations, remains opaque.

No comments:

Post a Comment