Consumers and citizens want to trust businesses and government with the use of their information. But with rampant data breaches and sloppy or overaggressive use of data, individuals also want to know that steps are being taken to protect them and to earn their trust. The Future of Privacy Forum is an important new venue through which individuals can lead robust dialogues about what is both needed and possible in commercial and government sectors to assure consumers and citizens of the ethical use of their data.
TRUSTe supports this important work and congratulates Jules Polonetsky and Christopher Wolf on today’s launch of The Future of Privacy Forum (FPF). Maureen Cooney, Chief Privacy Officer and Vice President for Public Policy for TRUSTe will serve on the FPF Advisory Board. TRUSTe hopes to contribute to the dialogue and range of solutions, as our mission is to assist in building trust online and business accountability for consumer privacy. Trust in the digital world has never been more important to our economy and in guiding transparency and efficiency in government.
Further reading…
November 19th, 2008
comScore’s RelevantKnowledge is once again a Trusted Download with full whitelist and program privileges, after six months as a“Provisional†member. An early adopter of TRUSTe’s voluntary notice and choice standards for software privacy, comScore has demonstrated an ongoing commitment to improving network accountability and consumer control for their software.
Provisional Status is effectively a probation period that lasts for a minimum of six months, during which a white-listed application is subject to additional monitoring by the Trusted Download Program’s Compliance Team. After six months as a Provisional member of the whitelist with no material program violations, RelevantKnowledge today once again becomes a full member of the TDP Program. Additionally, comScore will now be able to use the new Trusted Download Seal at the point of download.
During the software’s Suspension from the whitelist due to the unauthorized actions of a rogue distributor , comScore developed, implemented, tested, and validated a technical solution that sharply reduces the likelihood of a recurrence with any of its distributors. And while the minimum time period for the Suspension was originally set at three months, comScore spent nine months developing, refining, implementing, and and rolling out this solution across RelevantKnowledge’s distribution network before being reinstated on the whitelist. Once back on the whitelist, comScore spent another six months under Provisional status to assure TRUSTe that the solution is working and that further rogue downloads are unlikely.
This process of violation detection, whitelist suspension, software and network improvement and reinstatement, demonstrates the intended outcome of the Trusted Download Program. The intent of the Trusted Download Program is to certify software developers according to a set of standards, to hold them accountable for meeting those standards over time, to take action when they don’t, and then work to implement technological controls, to change business processes or other steps that may be required to prevent abuse and improve consumers’ experience with downloadable software.
October 24th, 2008
You may be a small business, but chances are you collect some form of PII. Even small businesses are accountable for the safety of user PII, and thereby must take adequate measures to protect it. Lead Microsoft.com editor Monte Enbysk gathered TRUSTe’s insight to help develop 6 privacy tips for small businesses:
1. Take inventory of the personal information you collect and store.
2. Analyze how safely you use and store this data.
3. Make sure you’re complying with industry or federal laws.
4. Post a privacy policy that is clear and comprehensive.
5. Have your policy reviewed by an attorney or by a privacy seal program.
6. If you have employees, make sure their personal information is protected too.
According to Enbysk , you should seek the expert opinion of a privacy service like TRUSTe who can help ensure the accuracy and validity of your privacy statement. Not only may a third-party privacy authority ensure your privacy statement and practices are up to par, but a seal from TRUSTe can benefit your brand.
“The Web privacy seal is one of [TRUSTe's] most popular products,” says TRUSTe’s VP of Communications, Carolyn Hodge. A privacy seal may be most beneficial to small e-tailers with little or no name recognition outside their hometown or region.
Read Enbysk’s Full Article…
October 1st, 2008
TRUSTe announced on September 23, 2008 the termination of one of its sealholders, Classic Closeouts LLC, an action that included the successful resolution of hundreds of online complaints.
To date, TRUSTe has helped over 200 consumers who were affected. TRUSTe is working to resolve the issues by managing and handling consumer complaints, and in some cases, helping to obtain refunds from irregular charges that were incurred on the Classic Closeouts Web site. In addition, by revoking its privacy seal, TRUSTe could keep hundreds of thousands of additional consumers that were on the Classic Closeouts mailing list from experiencing unauthorized credit card charges.
Sealholder termination occurs only after TRUSTe outlines steps necessary for the licensee to remedy violations and such steps are refused. To execute TRUSTe’s mission to build online trust, TRUSTe educates Web
Read TRUSTe Press Release…
September 26th, 2008
User sensitivity to privacy on the internet has been difficult to quantify and act upon for technology providers, websites and advertisers, never mind consumers themselves. In TRUSTe research we have seen a consistent user concern about tracking and targeting; inconsistently competing with a desire for more relevant advertising and content.
New features that Microsoft has added to IE8, (explained here on the IE8 Blog), help resolve some of that concern that users express by giving them more choices on how to control information (both PII and anonymized behavioral information.) “InPrivate” browsing allows consumers to easily, anonymously browse the web by not storing or allowing tracking of any pii or anonymous information.
TRUSTe supports tools that provide consumers with a means to assert their right to privacy when browsing online. While the new browser features InPrivate Blocking further give some measure of boundaries around the extent of data that can be collected and shared to third parties about your browsing history.
Finally, the InPrivate Subscriptions feature allows consumers to designate websites or lists of websites for blocking or sharing browsing data.
August 25th, 2008
First thing Monday morning, it was brought to our attention by a former Head of Privacy at Microsoft, and former TRUSTe Board Member, Richard Purcell, that the AdVantage software application, was serving malicious advertising. By Tuesday morning, Sandi Hardmeier, TRUSTe’s Online Compliance Researcher, was able to confirm and reproduce the malicious ads and by Tuesday afternoon, a Suspension Letter was issued. Our focus now turns to the security and control mechanisms that Vomba will need to remain in the program.
Research confirmed that an ad displayed by AdVantage contained a script that opened a web page containing another script that checked the date, time and regional settings of the user’s computer. This ultimately redirected some viewers to a web site that attempted to install fake anti-spyware software on the user’s machine via multiple dialog boxes, some without a cancel button, and dialog boxes that spawn other boxes upon the user’s attempt to close them.
Karl Bernard, Vomba’s President, responded immediately and removed the offending ads as soon as he was notified (well after business hours East Coast Time). He stated that the ads were served by a European ad agency named Byron Advertising. Furthermore, he believes that the ad in question was targeting users in New Zealand specifically. TRUSTe confirmed that users in the United Kingdom may also have been affected.
The ad campaign we discovered was clearly unacceptable, both to Vomba and TRUSTe. We will work collaboratively with Vomba during the suspension period to ensure a positive resolution and a more secure consumer experience. As we gain further insight into the vulnerabilities that allowed the campaign to slip through and the steps required to prevent a repeat incident, we will share key lessons learned with other participants to keep their ad serving systems secure.
Further information regarding the byronadvertising.eu incident…
- Posted by Irinia Doliov, Senior Product Manager for TDP
August 14th, 2008
In the September Issue of Consumer Reports provides an excellent guide for protecting your online identity and lists TRUSTe in its Steps to Avoid the Seven Most Common Blunders. Step seven warns consumers against the common mistake of shopping like they do in an offline store — to think twice , make sure there is https encryption, and look for TRUSTe seals when giving out personal information.
August 6th, 2008
Everybody knows about how the pesky little privacy policy on your website can land you in hot water with the FTC. Under the FTC Act, deceptive and unfair practices against consumers can get you a 20 year relationship with the FTC and a hefty fine. For the most part though, the resources of the FTC are such that they can’t go after every company that violates its privacy policy. Also, its really for individuals to pursue cases as most of us don’t have big litigation war chests to sue companies that violate our privacy.
All that has now changed. The bright folks over at Perkins Coie have figured out that deception isn’t bad for just consumers. The Lanham Act (usually associated with anti-trust actions) also allows for competing companies to sue their competitors for unfair and deceptive trade practices. In the case CollegeNET, Inc. v. XAP Corporation, Perkins Coie obtained a $4.5 Million judgment for CollegeNET because XAP’s practices violated its privacy policy. The reasoning is that if deceiving consumers to use your service harms the consumer, it also harms competitors.
Now, those with the money have the incentive to go after companies that don’t follow their privacy policies. One more reason to have monitoring and compliance services to make sure you are following your privacy policy.
- Posted by John Tomaszewski, VP Legal, Policy and Compliance
August 6th, 2008
On Friday, July 18, TRUSTe reinstated Rabio’s “Search Enhancer†to the list of trusted downloads.
The move came three months after a single, rogue download of another program marketed by the company caused a top-to-bottom review of Rabio’s distribution. The result was a negotiated change in Rabio’s business model, consumer notification and confirmation Rabio was performing up to the highest standards of informed consumer choice, transparent approach and responsible distribution.
Rabio was cooperative through the process because as Rabio CEO put it, “This is one list I want us to be on.†He said the review helped strengthen the business on other fronts, too. “Our software performs better, our business partners are more tightly integrated and our sales team is sleeping better,†Berard said.
According to the TRUSTe review team, Rabio needed to fix its relationship with the distribution partner involved, specifically to retain control of its executable code. Rabio also committed to a higher level of control over such partnerships, alerted its users to the potential problem and provides notice of how to uninstall the application.
Once these requirements were met, it was an easy decision to reinstate Rabio.
Posted by Irina Doliov, Sr. Product Manager
July 23rd, 2008
Today’s concept of online privacy is new territory for anyone actively involved with the Internet. Unlike a decade ago, privacy today is not just about “who you are, but privacy is now about where you are going, and what you do,†suggests Maier. In her recent guest appearance on San Francisco’s KALW City Visions radio show hosted by Joseph Pace, TRUSTe CEO Fran Maier along with Debbie Gage, senior technology reporter, San Francisco Chronicle, and Owen Tripp, executive vice president, Reputation Defender addressed how Internet privacy has evolved over the years, and offered some privacy best-practices for your online business.
The Internet is in a new era in which humans are now interacting online at more complex levels than a decade ago. In some instances we knowingly generate personal content that is then displayed on social networking sites, but in other cases we inadvertently leave behind a digital footprint any time we conduct an online search, or visit a Web site. Much of the information being collected is about an individual’s online actions that is not necessarily personally identifiable, but is attached to an IP address. Maier states that although companies may collect such information innocuously, “we at TRUSTe believe that [the user] should at least know that it’s happening.†TRUSTe encourages online companies to offer transparent disclosure and to promote user choice. Maier explains, “Privacy right now is more about control over your information, not just how to protect your information.â€
Listen to the full broadcast.
Posted by Candice Stewart
July 17th, 2008
Previous Posts
