The online privacy and e-commerce advocacy group, TRUSTe, is overhauling its "trustmarks" program, which is designed to let surfers know how Web sites will use their personal information.
However, TRUSTe now has abandoned the three marks in exchange for one simple label, similar to the "Good Housekeeping seal of approval."
The change comes after the group faced tough questions regarding the effectiveness of the self-regulatory program during the Federal Trade Commission's summer workshop about Net privacy concerns.
TRUSTe also is hoping that the shift to a less complex system will lead to the widespread use of its mark. Like many self-regulatory efforts in this area, the overall goal is to build consumer confidence in the online marketplace--and avert regulation--by increasing disclosure of personal data collection practices.
But TRUSTe says it's not abandoning the principles behind the original trustmarks. When a surfer goes to a "TRUSTed" site, the mark should be on the home page. It may also appear every place a site requests a user's name, sex, income, address, or a slew of other personal details.
During the FTC workshop, former commissioner Christine Varney criticized parts of the TRUSTe requirements for being too weak. She pushed the group to require that licensed sites offer an opt-out feature, for example.
TRUSTe argued that if its prerequisites are too stringent, companies might be reluctant to sign on. For now, surfers' market choices should raise the bar, Scott contended. But TRUSTe's strategy is to add new requirements in time, and companies will have to adhere to them when renewing their TRUSTe license.
"Privacy is not just black and white; it is a value that has different meaning to different people. We want people to be able to make an informed decision about who they do business with," Scott said. "The trustmark is helping to build a relationship between the customer and the Web site."
Companies that sign a contract agreeing to TRUSTe's policies must pay an annual fee to renew their mark. The fee ranges from $500 per year for companies with under $10 million in annual revenue to $5,000 per year for those with more than $100 million in annual revenue. TRUSTe also audits the sites once a year and responds to consumer complaints of noncompliance.
Those who have signed up to use the trustmarks and/or promote them to customers include Excite, Netcom, Lands' End, Wired, and high-tech firms AT&T, CyberCash, IBM, Tandem, Oracle, and Netscape Communications.
TRUSTe isn't the only group trying to ward off new laws regarding the online collection of personal data. Other programs or technologies are also pushing their proposals.
Netscape, Firefly Network, VeriSign, and other leading Net technology providers have proposed the Open Profiling Standard (OPS), which would let users store personal data on their PC hard drives and then decide whether to disclose that data to individual Web sites they visit.
Not everyone considers OPS a privacy protection system. At the FTC workshop, some privacy advocates slammed the OPS as a "privacy extractor" that actually entices consumers to give up more information.
Other organizations use Web site seals to ensure surfers that a company is legitimate, besides pledging certain privacy protections. For example, the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants yesterday launched the CPA WebTrust. Sites that use the seal must describe their e-commerce transaction security measures and guarantee that customers' personal data will not be passed on to third parties.
"Unlike other services, CPA WebTrust is the only offering that combines privacy, security, and sound business practices--the only one that provides independent third-party verification by a CPA with the report available to anyone who clicks on the CPA WebTrust seal," said Everett Johnson, chairman of the AICPA's Electronic Commerce Task Force.