Privacy & Information Security Law Blog

On March 6, 2014, the U.S. Federal Trade Commission (“FTC”) and UK Information Commissioner’s Office (“ICO”) signed a memorandum of understanding (“MOU”) to promote increased cooperation and information sharing between the two enforcement agencies.

The purpose of the MOU is to facilitate mutual assistance and the exchange of information in investigating and enforcing privacy violations. The MOU follows a number of international efforts to increase cross-border cooperation in privacy enforcement, including the OECD Recommendation on Cross-border Co-operation in the Enforcement of Laws Protecting Privacy, the GPEN Action Plan, the International Conference of Data Protection and Privacy Commissioners Resolution on International Enforcement Coordination, and the APEC Cooperation Arrangement for Cross-border Privacy Enforcement. In the increasingly interconnected and globalized world of today’s information age, regulators are recognizing the need to join forces to effectively investigate alleged privacy breaches and bring multilateral enforcement actions against companies operating in multiple jurisdictions.

In order to further common interests of cooperation, research and education, knowledge-sharing, and better understanding, the MOU sets out the FTC’s and ICO’s intentions, including to:

• share information (including complaints);
• provide investigative assistance in appropriate cases, such as obtaining evidence in the local jurisdiction on behalf of the other agency;
• consider joint training programs and staff exchange; and
• coordinate enforcement actions for privacy violations constituting breaches in both jurisdictions.

On its website, the ICO stated that the MOU will allow for closer cooperation between both organizations. The two agencies cooperated previously on a number of joint initiatives, including enforcing do-not-call and telemarketing laws. The ICO also has entered into a number of other memoranda of understanding with other authorities.