• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

FTC Settles with TRUSTe Inc. Over Deception Claims

November 18, 2014 By Privacy & Data Security Team

The Federal Trade Commission (FTC) and TRUSTe Inc. entered into a settlement agreement Monday over the FTC’s allegations that the internet privacy certifier deceived consumers about its privacy seal recertification program and allowed its customers to falsely advertise it as a nonprofit entity. Under the settlement, TRUSTe will pay a $200,000 fine and stop making certain claims.TRUSTe provides seals to businesses that meet requirements for consumer privacy programs that it administers. TRUSTe seals represent to consumers that businesses’ privacy practices are in compliance with specific privacy standards like the Children’s Online Privacy Protection Act (COPPA) and the U.S.-EU Safe Harbor Framework. In its complaint against Truste, the FTC had alleged that from 2006 until January 2013, TRUSTe failed to conduct annual recertification of companies holding TRUSTe privacy seals in over 1,000 cases, despite its website statements that companies holding TRUSTe Certified Privacy Seals receive recertification every year.The FTC complaint also alleged that since TRUSTe became a for-profit corporation in 2008, it failed to require companies using TRUSTe seals to update references to the organization’s non-profit status. Before converting from a non-profit to a for-profit, TRUSTe provided clients model language describing TRUSTe as a non-profit for use in their privacy policies.In addition to the fine, the settlement prohibits TRUSTe from making misrepresentations about its certification process or timeline, and misrepresenting its corporate status or whether an entity participates in its program. In addition, TRUSTe must not provide other companies or entities the means to make misrepresentations about these facts, such as through incorrect or inaccurate model language. The settlement also requires the company in its role as a COPPA safe harbor to provide detailed information about its COPPA-related activities in its annual filing to the FTC, as well as maintaining comprehensive records about its COPPA safe harbor activities for ten years.

Filed Under: Online Privacy, Privacy Policy Tagged With: Children's Online Privacy Protection Act (COPPA), Federal Trade Commission (FTC), Regulatory Enforcement, Safe Harbor

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • European Commission Adopts Draft UK Adequacy Decision
  • NYDFS Issues Best Practices for Cyber Insurance Risk Management
  • Fifth Circuit Decision Raises Cyber Enforcement Complications for the U.S. Department of Health and Human Services
  • Virginia Ready to Pass First State Privacy Statute after CCPA
  • The EDPB-EDPS Joint Opinion on Data Processing Standard Contractual Clauses: Key Takeaways
Copyright © 2021 · Alston & Bird · All Rights Reserved. Privacy.