Tag Archives: APEC

FTC Settlement Highlights APEC Cross-Border Privacy Rules

ftc investigationThe Federal Trade Commission and Vipvape have agreed to a settlement for charges that Vipvape deceived consumers about its participation in Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules.

The APEC Cross-Border Privacy Rules help facilitate data transfers between APEC member countries through baseline privacy requirements. Companies can voluntarily certify their compliance under the APEC Cross-Border Privacy Rules and promote their certification online.

The FTC charged that Very Incognito Technologies – aka Vipvape – falsely claimed they were certified under the APEC Cross-Border Privacy Rules. However, it’s been discovered that Vipvape was never reviewed or certified by an APEC-recognized agent, and their claims online were false. The FTC finds Vipvape’s deceptive statement in violation of the FTC Act.

“We are committed to vigorously enforcing cross-border privacy commitments,” said FTC Chairwoman Edith Ramirez. “Consumers should be able to rely on a company’s claim that it is a certified participant in an international program designed to protect their personal information.”

Going forward, Vipvape is not allowed to misrepresent its certification with any regulatory-sponsored privacy or security program.

Key Takeaways

This settlement concludes the FTC’s first case dealing with the Cross-Border Privacy Rules. The FTC is committed to holding companies accountable to their statements regarding their privacy and data security standards. Stretching the truth about a privacy policy, personal information protections, or privacy practices in general will put a company in the FTC’s crosshairs.

Canada Joins APEC Cross-Border Privacy Rules System

The Asia-Pacific Economic Cooperation (APEC) announced (press release) that Canada has become the latest addition to the APEC Cross-Border Privacy Rules (CBPR) System, joining the U.S., Mexico, and Japan. The CBPR system works to increase the protection of consumer data as it is transmitted across borders throughout the Asia-Pacific region.

The CBPR system requires organizations in participating APEC member countries to develop their own internal rules on cross-border data privacy procedures, complying with the minimum requirements set forth in the APEC Privacy Framework.