If you operate a website or app that collects personal user information, read on. Not taking the advice within could mean an unwanted visit from the Federal Trade Commission.
What are the International Safe Harbor Provisions and TRUSTe?
International Safe Harbor Certification Program
First things first: what, exactly, is a “Safe Harbor” provision?
In 1995, the European Union (“E.U.”) ratified rules regarding the digital transfer of personal information. In 2006 – in conjunction with the U.S. Department of Commerce – the E.U. created the Safe Harbor Framework, which allows U.S. businesses to demonstrate compliance with European standards.
U.S. and Swiss officials also rolled-out a separate, but near identical, program around the same time.
The Safe Harbor Frameworks are self-certification processes, but participants are required to comply with associated paperwork to maintain official compliance recognition.
True Ultimate Standards Everywhere Inc. (a.k.a., TRUSTe) is a private firm that offers security certifications. Primarily, businesses, who want to demonstrate a commitment to international data laws, use the company’s services. Businesses can apply for universally recognized TRUSTe licenses. Like the Safe Harbor Frameworks, licensees are required to renew every few years.
Two Companies Busted For Not Renewing Safe Harbor and TRUSTe Commitments
TES Franchising LLC (“TES”) and American International Mailing Inc (“AIM”) both self-certified under the U.S.-E.U. and U.S.-Swiss Safe Harbor Frameworks. The former first completed the process in 2011, the latter in 2006. TES also held a TRUSTe license.
Both companies, however, failed to renew the required paperwork – and the FTC found out. As a result, TES and AIM were saddled with 20-years of FTC-sanctioned, time-consuming bookkeeping, the non-completion of which could trigger a huge, legally enforceable fine.
Even If You Don’t Change Your Website or Procedures, Safe Harbor Renewal Is Mandatory
TES and AIM didn’t violate any Safe Harbor certification standards, they simply forgot to renew on-time. So, despite neither company committing a security abuse, not fulfilling the proper paperwork put them on regulators’ radars.
The Takeaway: If you want to keep officials off your back, make sure you’re up-to-date with the latest international, national and regional Internet laws — especially Safe Harbor certification paperwork.
For Maximum Profit, Enlist an Experienced Internet Law Attorney
Kelly / Warner attorneys are masters of Internet law. Pioneers in the field, we’re commonly recognized as one of the country’s leading tech law firms. Kelly / Warner consistently delivers better-than-big-firm results, for a fraction of the price.