A consumer watchdog is accusing 30 American companies of violating an international privacy agreement and urging U.S. regulators to get involved.
In a complaint to the Federal Trade Commission filed Thursday, the Center for Digital Democracy asked the agency to investigate the companies for allegedly collecting, using and sharing data about European citizens in ways that violate the Safe Harbor agreement between the U.S. and European Union.
{mosads}In a statement, the group’s executive director, Jeff Chester, said the companies mentioned — including Acxiom, Adobe and Salesforce.com — use the international agreement “as a shield to further their information-gathering practices without serious scrutiny.”
“Companies are relying on exceedingly brief, vague, or obtuse descriptions of their data collection practices, even though Safe Harbor requires meaningful transparency and candor,” he said.
Chester said the companies “are involved with a web of powerful multiple data broker partners who, unknown to the EU public, pool their data on individuals so they can be profiled and targeted online.”
The U.S-EU Safe Harbor agreement integrates American and European Union privacy protections, allowing U.S. companies to collect data from European citizens. The Department of Commerce certifies participating companies, and the FTC ensures the companies are protecting users’ privacy according to existing requirements.
The Safe Harbor agreement has been under fire since last year’s revelations about National Security Agency surveillance, which fueled concerns that spy agencies were accessing information about citizens of foreign countries through U.S. tech companies.
Some European officials have called for the suspension of Safe Harbor, which would leave U.S. tech companies without their current access to data belonging to users in Europe.
Since the concerns from European officials, the FTC has repeatedly defended its ability to enforce consumer protections for European users.
So far this year, the agency has reached settlements with 14 companies over the agency’s complaints that they claimed they were Safe-Harbor-certified when, in reality, the certifications had lapsed.
In a speech and a letter to EU officials, FTC Chairwoman Edith Ramirez called the Safe Harbor “an effective and functioning tool for the protection of the privacy of EU citizens’ data transferred to the United States.”
But the Center for Digital Democracy is pushing the FTC to do more.
“Instead of ensuring that the U.S. lives up to its commitment to protect EU consumers, our investigation found that there is little oversight and enforcement by the FTC,” Chester said. “The U.S. is failing to keep its privacy promise to Europe.”
The companies named in the complaint to the FTC disagree.
In a statement, Adobe said it “takes the Safe Harbor framework seriously,” adding that the complaint against it filed on Thursday has “no merit.”
Salesforce.com also defended itself against the complaint. “Nothing is more important than the trust of our customers,” the company said in a statement.
Acxiom declined to comment.