Tuesday, November 18, 2014

Who's Trustier than TRUSTe?

Lots of folks, it seems.

I've thought well of TRUSTe, a company that is (to quote their website) "the leading global Data Privacy Management (DPM) company and powers trust in the data economy by enabling businesses to safely collect and use customer data across their customer, employee, and vendor channels."

Moreover, "All TRUSTe solutions are engineered to enable businesses to continuously develop new and innovative products and marketing programs while adhering to best practices for providing customers with transparency, choice and accountability regarding the collection and use of personal information."

OK, that's a little heavy on the marketing-speak, but you'd think I'd like something that promised consumers "transparency, choice and accountability", right? The little TRUSTe symbol on a website seemed like a Good Housekeeping seal of approval.

I'd even assumed -- without really thinking about it -- that a company that certified websites for adhering to privacy standards was probably a not-for-profit.

Turns out I was wrong on several counts. (Sigh. Not for the first time, of course, and surely not the last.) Well, I was half-right about the final assumption: TRUSTe was founded as a nonprofit in 1997, but converted to for-profit in 2008. Let's just think about that for a moment, shall we?

In today's New York Times, Edward Wyatt reports that the Federal Trade Commission has penalized TRUSTe "$200,000 in profits... as part of a settlement for failing to annually recertify the privacy practices of companies in more than 1,000 instances while claiming on its website that it did so each year." (Full article, here)
The commission said that from 2006 to January 2013 TRUSTe failed to conduct annual privacy checks on some of the companies it certified. The company also failed to require companies using its seal to indicate after 2008 that the company was no longer a nonprofit corporation. 

In a blog response (here), TRUSTe CEO Chris Babel wrote that companies that were not reviewed annually were those that had multi-year contracts, which "represents less than 10% of the total number of annual reviews we were scheduled to conduct" and that "over 90% of multi-year clients" had two-year contracts, which meant that "the vast majority were reviewed every other year."

Babel also promised, "We have taken swift action to address the process issues covered by the agreement [with the FTC]."

Remember what your mother taught you? "Fool me once..."

We'll be watching.
This represents less than 10% of the total number of annual reviews we were scheduled to conduct during that time.
Multi-year clients that did not undergo the annual review step of their certification were reviewed when their agreements were up for renewal. Because over 90% of multi-year clients signed two-year contracts, the vast majority were reviewed every other year.
- See more at: http://www.truste.com/blog/#sthash.zpAk8r7s.dpuf
his represents less than 10% of the total number of annual reviews we were scheduled to conduct during that time.
Multi-year clients that did not undergo the annual review step of their certification were reviewed when their agreements were up for renewal. Because over 90% of multi-year clients signed two-year contracts, the vast majority were reviewed every other year.
- See more at: http://www.truste.com/blog/#sthash.zpAk8r7s.dpuf


No comments:

Post a Comment