TRUSTe
Private | |
Industry | Internet Privacy |
Founded | 1997 |
Headquarters | 835 Market Street, San Francisco, California, USA |
Key people | CEO: Chris Babel - CFO: Tim Sullivan - VP Product: Kevin Trilli - VP Marketing: Dave Deasy |
Number of employees | 130 |
Slogan | "Make Privacy Your Choice" |
Website | www.truste.com |
TRUSTe based in San Francisco, California, with additional offices in London, United Kingdom and Cebu City, Philippines provides privacy consulting, certifications, and technology tools to help businesses manage privacy compliance risk. The company incorporates regulatory requirements and industry best practices from the United States and North America, European Union, and Asia Pacific regions into its review of digital properties.[1]
History
TRUSTe (originally named eTRUST until a copyright conflict was found) was founded as a non-profit industry association in 1997 by Lori Fena, then executive director of the Electronic Frontier Foundation (EFF), and Charles Jennings, a software entrepreneur, with the mission of fostering online commerce by helping businesses and other online organizations self-regulate privacy concerns.[2] Toward this end TRUSTe launched its flagship Privacy Seal Program, providing privacy seals to websites who abide by a set of fair information privacy practices and agreed to participate in the company's consumer privacy dispute resolution service.[3]
TRUSTe was developed from of an earlier program named Privacy Assured launched in 1996 by Tim Dick, CEO of WorldPages which was later acquired by BT. The initial five members were match.com, Four11 / Yahoo!, NetAngels, I/PRO (first web metrics company), and WorldPages. Within two months, over 30 companies had joined Privacy Assured, with more waiting. Privacy Assured approached EFF about setting up an independent entity and learned that EFF was contemplating an internet privacy initiative. Tim Dick brought in his former colleagues at Boston Consulting Group which did a landmark pro-bono study which established much of the internet privacy principles in use today, and on which TRUSTe remains built.
TRUSTe's founding Executive Director, Susan Yamada, formerly editor of Upside Magazine, served until 2001. In 2000, TRUSTe became the first organization to join the U.S. Department of Commerce's, and the European Union's safe harbor framework, and subsequently launched its EU Safe Harbor Seal Program.[3] The US-EU Safe Harbor was agreed upon by the U.S. Department of Commerce and the European Union to provide a framework for American companies to comply with European data and privacy standards.
In 2001, TRUSTe became a Children's Online Privacy Protection Act (COPPA) Safe Harbor organization for the Federal Trade Commission[4] and thereafter launched its Children's Privacy Seal Program.
Fran Maier, co-founder of Match.com,[5] joined TRUSTe as Executive Director in 2001.[6] One of the first efforts was to address consumer issues with spam or unwanted email.[7] Maier resigned her position in 2012.
In 2008, TRUSTe changed its structure from a non-profit industry association to a venture-backed for-profit company, raising its first round of capital from Accel Ventures. This raised questions about whether the organization is appropriately tough on the companies it certifies.[8]
Chris Babel, former Senior Vice President of VeriSign’s worldwide Authentication Services, joined TRUSTe as chief executive officer in November 2009.[9]
In 2013, TRUSTe was approved by the European Interactive Digital Advertising Alliance (EDAA) as an official Certification Provider for the EU Self-Regulatory Programme for Online Behavioural Advertising (OBA).[10] The same year, TRUSTe was named the first approved Accountability Agent for the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR) System.[11]
On Nov 17th 2014, the Federal Trade Commission announced that TRUSTe had agreed to[12] settle charges that it deceived consumers about its recertification program, and perpetuated its misrepresentation as a non-profit entity against a $200,000 penalty. From 2006 to 2013 TRUSTe failed, in over 1000 instances, to conduct annual privacy checks on the companies it certified.[13] Consumer organizations, the Center for Digital Democracy and the Consumer Federation of America, argued for higher penalties and more FTC oversight, but the FTC declined to increase the penalties.[14]
Products
- Privacy Assessments
- Binding Corporate Rules (BCRs), EU Safe Harbor
- Privacy Certifications
- TRUSTed Apps, TRUSTed Cloud, TRUSTed Data, TRUSTed Downloads, TRUSTed Smart Grid, TRUSTed Websites, APEC Privacy, Children’s Privacy, EDAA Trust Seal Certification
- Monitoring Tools
- Website Monitoring, App Monitoring, Dispute Resolution
- Compliance Controls
- TRUSTed Ads, Consent Manager
Meaning of TRUSTe seal
The TRUSTe seal does not indicate that a web site complies with any specific set of privacy rules, such as the European Union's Data Protection Directive. It indicates only that the site has self-certified as complying with the site's own privacy statement and TRUSTe’s program requirements .[15]
Enforcement
TRUSTe claims to enforce its privacy rules, and operates a "Watchdog" operation which accepts consumer complaints. TRUSTe described its enforcement process in a filing with the U.S. Federal Trade Commission in 2000.[16] From 2000 to June 2004, TRUSTe published "Watchdog Reports" reporting their enforcement actions.[17] The final report, for June 2004, shows 256 reports received and 130 reports closed. All 130 reports were resolved with "Issue Handled with no changes necessary to the Privacy Statement nor the Site". In no case was an enforcement action taken. In 2004, no enforcement actions were taken. In 2003, one enforcement action was taken, out of over a thousand complaints.[17] After June 2004, TRUSTe ceased reporting on enforcement actions, despite the statement in its FTC filing that it would publish such reports at least twice a year.
In 2012, TRUSTe published a "Transparency Report" which did not list individual enforcement actions, but did indicate that, after over 4000 consumer complaints, TRUSTe took only 9 enforcement actions during 2012, 3 of which resulted in termination of TRUSTe endorsement.[18]
Dr. Benjamin Edelman of the Harvard Business School found in January 2006 that sites with TRUSTe certification were 50% more likely to violate privacy policies than uncertified sites.[19] Dr. Edelman has also reported that TRUSTe does not go far enough to punish seal holders that break TRUSTe’s rules and that the organization is not quick enough in revoking the seal on companies that violate privacy standards.[20]
In 2002, Wired Magazine questioned whether TRUSTe could be trusted, noting that rather than revoking privacy seals for violations, "TRUSTe officials often seemed to be covering for their clients".[21]
In 2008, a Galexia Consulting study reported that TRUSTe had terminated only one customer for non-compliance in the previous eleven years, despite a number of significant privacy violations which had received press coverage. "The most significant criticism of trustmarks is that in practice they have proved to be virtually worthless in the face of major privacy breaches. Their privacy standards are low to begin with, but even these rules are simply not enforced against large, paying members."
See also
References
- ↑ "Operating Geos". Yahoo Finance. 25 June 2013.
- ↑ "The Hundredth Window:Protecting Your Privacy and Security in the Age of the Internet". Simon and Schuster Free Press. Retrieved 2008-08-19.
- 1 2 http://judiciary.house.gov/legacy/fena_071201.htm
- ↑ Children's Privacy Seal
- ↑ Angwin, Julia (1998-02-12). "Media innovation must come from the free market". The San Francisco Chronicle.
- ↑ "Interagency Public Workshop: Get Noticed: Effective Financial Privacy Notices".
- ↑ "Privacy group to put seal on spam". CNET.
- ↑ Hansell, Saul (July 15, 2008). "Will the Profit Motive Undermine Trust in Truste?". New York Times.
- ↑ "TRUSTe Management". TRUSTe. Retrieved 2008-06-30.
- ↑ "EDAA Certification".
- ↑ "APEC Certification".
- ↑ "FTC press release".
- ↑ Wyattnov, Edward (Nov 17, 2014). "F.T.C. Penalizes TRUSTe, a Web Privacy Certification Company". New York Times.
- ↑ Davis, Wendy (March 18, 2015). "TRUSTe Finalizes Settlement With FTC". Media Post.
- ↑ "Privacy Program Requirements". TRUSTe. 2011. Archived from the original on October 8, 2011.
- ↑ "TRUSTe web site privacy seal compliance-escalation process" (PDF). Federal Trade Commission. 2000.
- 1 2 "TRUSTe watchdog reports". TRUSTe. 2008. Archived from the original on 2012-04-02.
- ↑ "TRUSTe Transparency Report for 2012". TRUSTe. 2012.
- ↑ Edelman, Benjamin (September 25, 2006). "Certifications and Site Trustworthiness". Retrieved 2008-07-03.
- ↑ Edelman, Benjamin (March 18, 2008). "Coupons.com and TRUSTe: Lots of Talk, Too Little Action". Retrieved 2008-07-03.
- ↑ Boutin, Paul (April 9, 2002). "Just how Trusty is TrustE?". Wired.