TRUSTe, the company which gives its seal of approval to sites that meet certain privacy standard, is in trouble because thousands of websites that it gave its seal to did not actually deserve them.
The privacy compliance company has settled charges made by the Federal Trade Commission (FTC) and agreed to pay a fine for its wrongdoing.
TRUSTe admits that between 2006 and 2013 the company failed to conduct annual inspections for clients who had signed up for multi-year agreements.
Organizations can only receive the TRUSTe seal of approval by submitting themselves to an outside review of how they collect, store, and share data, they have to meet a certain standard demonstrating a commitment to privacy.
However, organizations can only use the TRUSTe seal if they’ve been certified every year. This failed to happen.
The terms of settlement state that TRUSTe must pay $200,000 to the government for its “ill-gotten gains.”
In a statement, FTC Chairwoman Edith Ramirez said:
“TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge,”
“Self-regulation plays an important role in helping to protect consumers. But when companies fail to live up to their promises to consumers, the FTC will not hesitate to take action.”
On Monday TRUSTe stated that it has “identified and fixed the process for annual reviews, and implemented new controls” to ensure all clients are re-certified annually.
CEO Chris Babel wrote in a blog post:
“We have taken swift action to address the process issues covered by the agreement,”
“We regret that … our processes did not live up to our own standards.”