FTC Bolsters Enforcement of EU-U.S. Safe Harbor Framework


Ann Killilea, commenting about an FTC crackdown on companies that falsely certify compliance with the US and EU data protection safe harbor, said that such enforcement is essential to ensure compliance, adding that having the ability to self-certify compliance with the safe harbor encourages companies “to develop, sometimes for the first time, an enterprise-wide data protection program.” Ms. Killilea recommended that companies “institute a systemic reminder six months prior to the recertification date that triggers compliance review activity with a due date for completion prior to the recertification deadline.”