Privacy certifier falls down on the job


FTC / Federal Trade CommissionTRUSTe was in the business of handing out seals of approval to companies that were living up to their responsibility to protect consumers online. But according to the FTC it wasn’t doing the job.

The firm was established to assure that businesses were faithfully adhering to regulations such as Children’s Online Privacy Protection Act (COPPA) and the U.S.-EU Safe Harbor Framework.

It failed on two counts.

On the one hand, it began as a non-profit organization but switched over to a profit-making company in 2008. However, it continued to misrepresent its status as non-profit.

Second, it promised to recertify all of the companies it approved on an annual business, but according to FTC, between 2006 and 2013, it went ahead and granted certification without an inspection on more than 1,000 occasions.

“TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge,” said FTC Chairwoman Edith Ramirez. “Self-regulation plays an important role in helping to protect consumers. But when companies fail to live up to their promises to consumers, the FTC will not hesitate to take action.”

Organizations like TRUSTe were cited as important cogs in making self-regulation work for various industries, which is one reason the FTC takes such behavior lapses very seriously.

Under terms of the settlement, in addition to being required to get its act together, TRUSTe will pay a $200,000 fine.