Trustmark Schemes Struggle to Protect Privacy (2008)
The limited coverage of privacy trustmarks has been a major concern for consumers. Despite the grand sounding names, such as privacy seal, certified privacy seal or verified privacy seal, most trustmarks only cover a very small area of an organisation’s activity.
For example, the TRUSTe privacy seal states:
The privacy statement and practices of www.XYZ.com have been reviewed by TRUSTe for compliance with our strict program requirements.
The BBB Online Privacy Seal stated:
The seal does not reflect the past practices or policies of any particular seal participant, or practices pertaining to information collected other than online.
These restrictions have been strictly and severely enforced in practice.
In the Microsoft Global UID case, TRUSTe stated that its seal covered only Microsoft's website – not its software – and that the data Microsoft gathered was not transmitted to Microsoft's website. But consumer groups argued that Microsoft's privacy page (prominently displaying the TRUSTe seal) also discussed online registration of software products, and noted that the ‘personal profile’ from their software registration appears on the website and is editable from the website. That page appeared to claim that registration was covered by the TRUSTe certification.
Similar arguments were used to justify the lack of action in the RealNetworks case and the AOL case.
In the RealNetworks case TRUSTe claimed that the ‘music-listening software works via the Internet, but only indirectly through a Web site visit’.
In the AOL case TRUSTe claimed that the seal only covers ‘www.aol.com’ and not ‘members.aol.com.’. This means that if you visit www.aol.com (which is covered by the seal) and you decide to join you are sent to members.aol.com which is not covered by the TRUSTe seal, and you lose your protection.
These three decisions are questionable. Taken together they are one of the chief causes of TRUSTe’s poor reputation. The AOL decision is particularly galling, and makes TRUSTe look like they were happy for AOL to lure people into paying for a service based on a privacy promise that is then withdrawn once the money is handed over.
 Tedeschi B, E-Commerce Report; Some online sellers are hiring prominent auditors to verify their privacy policies and increase trust, The New York Times, 18 September 2000, <http://query.nytimes.com/gst/fullpage.html?res=9501E2DF163BF93BA2575AC0A9669C8B63&sec=&spon=&pagewanted=all>.
 Slashdot, TRUSTe Decides Its Own Fate Today, 8 November 1999, <http://yro.slashdot.org/article.pl?sid=99/11/05/1021214>.
 Smith R, Online Profiling from a Consumer’s Perspective, 8 November 1999, <http://www.cdt.org/privacy/FTC/profiling/russsmith.htm>.