Secure data centre operator NTT Global Data Centers has reached an agreement with the Federal Trade Commission (FTC) in the US over allegations it beached rules governing the Privacy Shield programme. This allows transfer of data from European Union countries to the United States in compliance with EU law.
The FTC claims the NTT business formerly known as RagingWire misled consumers about its participation in Privacy Shield and failed to adhere to the programme’s requirements before and after allowing its certification to lapse.
As part of the proposed settlement, NTT must hire a third-party assessor to verify it is adhering to its Privacy Shield promises if it plans to participate in the programme, the FTC said.
The proposed accord also prohibits the company from misrepresenting its participation in the Privacy Shield or any other privacy or data-security programme sponsored by government, or self-regulatory or standard-setting organisations.
Should NTT’s Privacy Shield certificate lapse in the future, the company must continue to apply the programme’s protections to personal information collected while participating, or return or delete the information.
The draft agreement remains subject to public comment for 30 days after which the commissioners will decide whether to make the proposed consent order final.
Catch the replays and discover the best talks from Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.