Certification
After opting in, an organization must re-certify every 12 months. It can either perform a self-assessment to verify that it complies with these principles, or hire a third-party to perform the assessment. There are also requirements for ensuring that appropriate employee training and an effective dispute mechanism are in place.
In March 2011 the Federal Trade Commission charges deceptive privacy practices in Google's rollout of its Buzz social network.
Read more about this topic: International Safe Harbor Privacy Principles