Familiar with Fantage? If you have kids, they probably are. It’s a MMORPG – a massively multiplayer online role-playing game – where millions of children customize avatars to play online games in a virtual world. According to the FTC, there are a few more initials this MMORPG will want to be mindful of in the future: the U.S.-EU Safe Harbor Framework.
Following up on a dozen cases announced last month, the FTC just settled a lawsuit charging that Fantage claimed to be in compliance with the U.S.-EU Safe Harbor Framework, but had lets its certification lapse. The Framework gives U.S. companies a cost-effective, streamlined way to satisfy certain requirements of the European Commission’s Directive on Data Protection. To remain in good standing, a company must self-certify every year to the U.S. Department of Commerce that it’s in compliance.
The program is voluntary, but if you say (or imply) that you’re a participant, your company must honor that annual self-certification. That’s where the FTC says Fantage fell short. According to the complaint, Fantage submitted a self-certification in June 2011 and since then has said on its website, “. . . we follow the privacy principles of the U.S.-EU Safe Harbor Framework.” The trouble is that it didn’t recertify after that – rendering that claim false.
To settle the case, Fantage has agreed that it won’t misrepresent its membership in any government, self-regulatory, or standard-setting program related to privacy or security, including the U.S.-EU Safe Harbor Framework.
Interested in commenting about the proposed settlement? File online by the March 13, 2014, deadline.