American Apparel agreed to settle Federal Trade Commission charges that it falsely claimed it was abiding by international privacy frameworks.

According to a complaint filed by the FTC, the Los Angeles-based company deceptively claimed it held current certifications under the U.S.-EU and U.S.-Swiss Safe Harbor frameworks. The programs are voluntary and administered by the U.S. Department of Commerce in consultation with the European Commission and Switzerland.

To participate, a company must self-certify annually to the Department of Commerce that it complies with the seven privacy principles required to meet the European Union’s adequacy standard: notice, choice, onward transfer, security, data integrity, access and enforcement.

The FTC complaint charged American Apparel with representing, through statements in its privacy policy, that the company held current Safe Harbor certifications, even though it had allowed its certifications to lapse. The FTC alleged that this conduct violated section 5 of the FTC Act. However, this does not necessarily mean that the company committed any substantive violations of the privacy principles of the Safe Harbor frameworks.

Under the proposed settlement agreement, American Apparel is prohibited from misrepresenting the extent to which it participates in any privacy or data security program sponsored by the government or any other self-regulatory or standard-setting organization.

“The FTC is committed to making sure that when companies claim they’re participating in the U.S.-EU Safe Harbor Framework, they’re abiding by the terms of the program,” said Jessica Rich, director of the FTC’s Bureau of Consumer Protection.

The FTC will publish a description of the consent agreement package in the Federal Register shortly. The agreement will be subject to public comment through June 9, after which the FTC will decide whether to make the proposed consent order final.

load comments
blog comments powered by Disqus