The APEC CBPR system facilitates privacy-respecting data transfers between APEC member economies through a voluntary, enforceable mechanism, which certifies companies as being compliant with APEC CBPR program requirements. Like the EU-U.S. and Swiss-U.S. Privacy Shield frameworks that also facilitate privacy-respecting data transfers between different countries, the APEC CBPR system is backstopped by FTC enforcement.

In separate complaints, the FTC charged that Sentinel Labs, Inc., which provides endpoint protection software to enterprise customers, SpyChatter, Inc., marketer of the SpyChatter private message app, and Vir2us, Inc., which distributes cyber security software, falsely represented in their online privacy policies that they participated in the APEC CBPR system. Sentinel Labs also falsely claimed that it was a participant in a TRUSTe privacy program, according to the FTC complaint.

Under the terms of the settlements with the FTC, the three companies are prohibited from misrepresenting their participation, membership or certification in any privacy or security program sponsored by a government or self-regulatory or standard-setting organization.

The Commission voted 2-0 to approve the final orders with Sentinel Labs, Inc., SpyChatter, Inc., and Vir2us, Inc. and a response letter to one commenter.

The Federal Trade Commission works to promote competition, and protect and educate consumers.