TRUSTe

Lua error in package.lua at line 80: module 'strict' not found.

TRUSTe

Type	Private
Industry	Internet Privacy Online Advertising
Founded	1997
Headquarters	835 Market Street, San Francisco, California, USA
Key people	CEO: Chris Babel - CFO: Tim Sullivan - VP Product: Kevin Trilli - VP Marketing: Dave Deasy
Number of employees	130
Slogan	"Make Privacy Your Choice"
Website	www.truste.com

True Ultimate Standards Everywhere, Inc d/b/a TRUSTe, Inc. is a trust mark sales company^[1] based in San Francisco, California, with additional offices in London, United Kingdom and Cebu City, Philippines. Best known for its online privacy seals, TRUSTe assesses, monitors, and certifies websites, mobile apps, cloud, and advertising channels to allow companies "to safely collect and use customer data to power their business".^[2] The company incorporates regulatory requirements and industry best practices from the United States and North America, European Union, and Asia Pacific regions into its review of digital properties.^[3] As of 2012, TRUSTe has provided data privacy management services and certifications for more than 5,000 businesses.^[4]

History

TRUSTe (originally named eTRUST until a copyright conflict was found) was founded as a non-profit industry association in 1997 by Lori Fena, then executive director of the Electronic Frontier Foundation (EFF), and Charles Jennings, a software entrepreneur, with the mission of fostering online commerce by helping businesses and other online organizations self-regulate privacy concerns.^[5] Toward this end TRUSTe launched its flagship Privacy Seal Program, providing privacy seals to websites who abide by a set of fair information privacy practices and agreed to participate in the company's consumer privacy dispute resolution service.^[6]

TRUSTe was developed from of an earlier program named Privacy Assured launched in 1996 by Tim Dick, CEO of WorldPages which was later acquired by BT. The initial five members were match.com, Four11 / Yahoo!, NetAngels, I/PRO (first web metrics company), and WorldPages. Within two months, over 30 companies had joined Privacy Assured, with more waiting. Privacy Assured approached EFF about setting up an independent entity and learned that EFF was contemplating an internet privacy initiative. Tim Dick brought in his former colleagues at Boston Consulting Group which did a landmark pro-bono study which established much of the internet privacy principles in use today, and on which TRUSTe remains built.

TRUSTe's founding Executive Director, Susan Yamada, formerly editor of Upside Magazine, served until 2001. In 2000, TRUSTe became the first organization to join the U.S. Department of Commerce's, and the European Union's safe harbor framework, and subsequently launched its EU Safe Harbor Seal Program.^[6] The US-EU Safe Harbor was agreed upon by the U.S. Department of Commerce and the European Union to provide a framework for American companies to comply with European data and privacy standards.

In 2001, TRUSTe became a Children's Online Privacy Protection Act (COPPA) Safe Harbor organization for the Federal Trade Commission^[7] and thereafter launched its Children's Privacy Seal Program.

Fran Maier, co-founder of Match.com,^[8] joined TRUSTe as Executive Director in 2001.^[9] One of the first efforts was to address consumer issues with spam or unwanted email.^[10] Maier resigned her position in 2012.

In 2008, TRUSTe changed its structure from a non-profit industry association to a venture-backed for-profit company, raising its first round of capital from Accel Ventures. This raised questions about whether the organization is appropriately tough on the companies it certifies.^[11]

Chris Babel, former Senior Vice President of VeriSign’s worldwide Authentication Services, joined TRUSTe as chief executive officer in November 2009.^[12]

In 2013, TRUSTe was approved by the European Interactive Digital Advertising Alliance (EDAA) as an official Certification Provider for the EU Self-Regulatory Programme for Online Behavioural Advertising (OBA).^[13] The same year, TRUSTe was named the first approved Accountability Agent for the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR) System.^[14]

On Nov 17th 2014, the Federal Trade Commission announced that TRUSTe had agreed to^[15] settle charges that it deceived consumers about its recertification program, and perpetuated its misrepresentation as a non-profit entity against a $200,000 penalty. From 2006 to 2013 TRUSTe failed, in over 1000 instances, to conduct annual privacy checks on the companies it certified.^[16] Consumer organizations, the Center for Digital Democracy and the Consumer Federation of America, argued for higher penalties and more FTC oversight, but the FTC declined to increase the penalties.^[17]

Products

Privacy Assessments

Binding Corporate Rules (BCRs), EU Safe Harbor

Privacy Certifications

TRUSTed Apps, TRUSTed Cloud, TRUSTed Data, TRUSTed Downloads, TRUSTed Smart Grid, TRUSTed Websites, APEC Privacy, Children’s Privacy, EDAA Trust Seal Certification

Monitoring Tools

Website Monitoring, App Monitoring, Dispute Resolution

Compliance Controls

TRUSTed Ads, Consent Manager

Meaning of TRUSTe seal

The TRUSTe seal does not indicate that a web site complies with any specific set of privacy rules, such as the European Union's Data Protection Directive. It indicates only that the site has self-certified as complying with the site's own privacy statement and TRUSTe’s program requirements .^[18]

Enforcement

TRUSTe claims to enforce its privacy rules, and operates a "Watchdog" operation which accepts consumer complaints. TRUSTe described its enforcement process in a filing with the U.S. Federal Trade Commission in 2000.^[19] From 2000 to June 2004, TRUSTe published "Watchdog Reports" reporting their enforcement actions.^[20] The final report, for June 2004, shows 256 reports received and 130 reports closed. All 130 reports were resolved with "Issue Handled with no changes necessary to the Privacy Statement nor the Site". In no case was an enforcement action taken. In 2004, no enforcement actions were taken. In 2003, one enforcement action was taken, out of over a thousand complaints.^[20] After June 2004, TRUSTe ceased reporting on enforcement actions, despite the statement in its FTC filing that it would publish such reports at least twice a year.

In 2012, TRUSTe published a "Transparency Report" which did not list individual enforcement actions, but did indicate that, after over 4000 consumer complaints, TRUSTe took only 9 enforcement actions during 2012, 3 of which resulted in termination of TRUSTe endorsement.^[21]

Dr. Benjamin Edelman of the Harvard Business School found in January 2006 that sites with TRUSTe certification were 50% more likely to violate privacy policies than uncertified sites.^[22] Dr. Edelman has also reported that TRUSTe does not go far enough to punish seal holders that break TRUSTe’s rules and that the organization is not quick enough in revoking the seal on companies that violate privacy standards.^[23]

In 2002, Wired Magazine questioned whether TRUSTe could be trusted, noting that rather than revoking privacy seals for violations, "TRUSTe officials often seemed to be covering for their clients".^[24]

In 2008, a Galexia Consulting study reported that TRUSTe had terminated only one customer for non-compliance in the previous eleven years, despite a number of significant privacy violations which had received press coverage. "The most significant criticism of trustmarks is that in practice they have proved to be virtually worthless in the face of major privacy breaches. Their privacy standards are low to begin with, but even these rules are simply not enforced against large, paying members."

See also

• Verisign
• WebTrust

References

External links

• Official website