What to think about when considering whether your organization should purchase a privacy certification:
- Does the certifying agency have its own privacy or security standards?
- Do the certifying agency’s standards exceed legal requirements?
- Does your organization’s practices meet the certifying agency’s standards?
- If the certifying agency’s standards change, is your organization prepared to modify its practices accordingly?
- Has the certifying agency been investigated by the FTC, or another consumer protection authority, for deceptive or unfair practices?
- If so, are you confident that the certifying agency’s seal and review process is non-deceptive and that association with the agency will not result in negative publicity?
- Have consumers complained to the FTC about the certifying agency?
- Does your organization have a mechanism in place to ensure that the license for the seal is renewed each year and/or that the seal is removed from your website if the license expires?
- Have plaintiffs' attorneys used the seal against other organizations by alleging that those organizations agreed to a higher standard of care by adopting the seal?
The following provides a snapshot of information regarding privacy certifications and "trustbrands."
Percentage of consumers that are worried about online privacy.1
Percentage of consumers who claim they look for privacy certifications and seals on a website.2
The number of certifying agencies the FTC has alleged offered deceptive seals.4