On 17 November 2014 the Federal Trade Commission (“FTC”) announced a settlement with TRUSTe, Inc. - the major provider of privacy certifications for online businesses.
The settlement follows FTC’s complaint alleging that from 2006 until January 2013, TRUSTe failed to conduct annual recertifications of companies holding TRUSTe privacy seals in over 1,000 incidences, despite providing information on its website that companies holding TRUSTe Certified Privacy Seals receive recertification every year. In addition, the FTC’s complaint alleges that since TRUSTe became a for-profit corporation in 2008, the company has failed to require companies using TRUSTe seals, to update references to the organization’s non-profit status.
Under the terms of the settlement, TRUSTe will be prohibited from making misrepresentations about its certification process or timeline, as well as being barred from misrepresenting its corporate status or whether an entity participates in its program. In addition, TRUSTe must not provide other companies or entities with the means to make misrepresentations regarding these facts, such as through incorrect or inaccurate model language. The settlement also requires TRUSTe, in its role as a COPPA Safe Harbor, to provide detailed information as to its COPPA-related activities in its annual filing to the FTC, as well as maintaining comprehensive records regarding its COPPA safe harbor activities, for a period of ten years. Each of these provisions represents an increase in the reporting requirements set out under the COPPA rule for safe harbor programs. The company must also pay $200,000 as part of the settlement.