The FTC recently entered final orders against two U.S. companies, TES Franchising LLC and American International Mailing, Inc., for deceptively representing to consumers that each company had a current certification under the U.S.-EU and U.S.-Swiss Safe Harbor frameworks.

The Federal Trade Commission (FTC) recently entered final orders against two U.S. companies, TES Franchising LLC and American International Mailing, Inc., for deceptively representing to consumers that each company had a current certification under the U.S.-EU and U.S.-Swiss Safe Harbor frameworks. The final orders result from enforcement actions settled in April alleging that each company represented to consumers that it had current certifications where, in fact, the certifications had expired years earlier.

The U.S.-EU and U.S.-Swiss Safe Harbor programs allow U.S. companies to transfer data to the U.S. from European Economic Area and Switzerland, respectively, and companies who certify agree to certain principles with respect to such data transfers. Companies have an obligation to renew their certification yearly with the U.S. Department of Commerce. In the instant cases, the FTC alleged that representing to consumers that an expired certification is current is a deceptive trade practice. The order against TES Franchising also alleges that the company misled consumers about the nature of its dispute resolution process and its TRUSTe certification. While the company’s website stated that any U.S.-EU Safe Harbor disputes would be settled by arbitration in Connecticut with costs split evenly between the parties, its Safe Harbor filing stated that disputes would be settled with European data protection authorities.

TIP: As we have reported on previously, cases like this are a reminder to check your companies' Safe Harbor status with the U.S. Department of Commerce and ensure there are no references to your participation in the program in your privacy policy if your status is not listed as current.