For many consumers, the TRUSTe seal provided by the company of the same name is a familiar staple on many websites, creating a sense that the site meets certain privacy standards.
However, the Federal Trade Commission has forced TRUSTe to make certain changes after the U.S. agency found that that promised “privacy recertifications” of online businesses with the TRUSTe seal were not being updated — and that resulted in online consumers being deceived, the FTC says.
An FTC complaint alleges that from 2006 until January 2013, TRUSTe failed to conduct annual recertifications of companies holding TRUSTe privacy seals in more than 1,000 incidences. This oversight occurred despite TRUSTe providing information on its website that companies holding “TRUSTe Certified Privacy Seals” receive recertification every year.
TRUSTe seals are intended to assure consumers that businesses’ privacy practices are in compliance with specific privacy standards, such as the Children’s Online Privacy Protection Act (COPPA) and the U.S.-EU Safe Harbor Framework, the FTC says.
“TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge,” said FTC Chairwoman Edith Ramirez. “Self-regulation plays an important role in helping to protect consumers. But when companies fail to live up to their promises to consumers, the FTC will not hesitate to take action.”
TRUSTe Shifts to For-Profit Status
In addition, the FTC’s complaint alleges that since TRUSTe became a for-profit corporation in 2008, the company has failed to require companies using TRUSTe seals to update references to the organization’s non-profit status.
In a settlement with the FTC, TRUSTe will be prohibited from making misrepresentations about its certification process or timeline, and be barred from misrepresenting its corporate status or whether an entity participates in its program.
In addition, TRUSTe must not provide other companies or entities the means to make misrepresentations about these facts, such as through incorrect or inaccurate model language.
TRUSTe CEO Chris Babel issued a statement on the company’s website:
“We have taken swift action to address the process issues covered by the agreement,” Babel said. “In late 2013, we started requiring the non-profit reference to be removed from all active client websites as a condition of re-certification. We also identified and fixed the process for annual reviews in January 2013, and implemented new controls to ensure that every client receives the annual review step of their certification. We regret that, in these two cases, our processes did not live up to our own standards.”