Privacy program didn’t deliver annual check-ups

Share This Page

One way to judge a website’s privacy practices is to see if has been certified by an independent organization. Privacy seals and certifications are useful because it is difficult for regular computer users to verify how sites use their information.

Today, the FTC announced a settlement with TRUSTe, which advertises itself as “the #1 privacy brand.” The FTC alleged TRUSTe misled consumers when the company claimed it did an annual compliance checks on all sites that earned its “TRUSTe Certified Privacy Seals,” although it didn’t check more than 1,000 times over a six-year stretch.

Also, TRUSTe was originally formed as a non-profit organization, and emphasized that status in the language it provided certified sites for their privacy policies. However, after TRUSTe became a for-profit company in 2008, it continued to certify sites that said TRUSTe was a non-profit. According to the FTC, those false statements provided those sites with the means to deceive consumers.

Under the terms of a proposed settlement, the company will pay $200,000 and change its business practices.

Comments

So Truste got in trouble because some of its clients did not remove "non-profit" language from their website, and that deceived consumers? That seems really silly to me.

Chris, TRUSTe is supposed to monitor these companies for compliance. Failing to use the appropriate branding for the TRUSTe message is fairly significant.

The FTC claimed that since TRUSTe became a for-profit corporation in 2008, it didn’t require companies that use its seals to update the references they made to TRUSTe’s non-profit status, not their own. The FTC also said that TRUSTe claimed it did an annual compliance checks on all sites that earned its “TRUSTe Certified Privacy Seals,” although it didn’t check more than 1,000 times over a six-year stretch. And those two things are problematic.

Leave a Comment

Comment Policy