US Regulator orders security companies to stop misrepresenting themselves

News by SC Staff

A US consumer protection regulator has ordered three security companies to stop misrepresenting themselves as participants in a major US-Asia privacy agreement.

The US Federal Trade Commission has approved the final regulatory orders on several security companies after they misrepresented themselves by telling customers that they abided by rules set out by a US-Asia privacy agreement.

Sentinel Labs, SpyChatter and Vir2us were charged with claiming to participate in the Asia-Pacific Economic Cooperation Cross Border Privacy Rules (APEC CBPR) by the FTC and were charged in February.  The rules provide a framework for international data flows between the US and countries in the Asia Pacific region, while, according to the document “establishing meaningful protection for the privacy and security of personal information.” A European analogue of such an agreement can be found in EU-US Privacy Shield. 

The settlement with the FTC, which governs consumer protection in the US, stipulates that the companies can no longer misrepresent themselves as participants in any privacy programme sponsored by a government or regulatory organisation.

These three companies are to be made an example of, according to a letter from Donald S Clark, secretary of the FTC. He writes that the action “will deter other companies from engaging in similar conduct.”

If the orders are violated, continues the letter, SpyChatter, for example could have incurred civil penalties of up to US$ 40,654 (£31,644) “per violation per day”.


Topics:

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events