Trustmark Schemes Struggle to Protect Privacy (2008)

9. Penetration

Trustmark schemes have not been successful in penetrating the market. Just 7 out of the global top 50 visited websites have any form of trustmark. This is made up of 7 sites with TRUSTe seals (3 of those are Microsoft brands).[80]

One emerging criticism of trustmarks is that the proportion of legitimate, privacy-friendly websites with trustmarks is diminishing, while the number of scam sites or privacy intrusive websites carrying trustmarks is increasing. There is a risk of guilt by association for legitimate sites, as some commentators have started to warn consumers that a trustmark may actually indicate a higher risk than the absence of a trustmark.

A major cause of this issue is the large number of scam, fake, expired and useless seals that now appear online (discussed above).

A more pressing issue is the number of privacy-intrusive sites who have been certified by TRUSTe – the last high-profile generic privacy trustmark scheme still operating. TRUSTe has listed all of the following sites as certified in recent years, either as part of the privacy seal program or the trusted download program. These organisations are all well known to privacy, security and consumer advocates, as they have been subject to numerous privacy and security breaches, FTC investigations and ongoing consumer campaigns[81]:



Deceptive installation

Non-consensual spyware installation, including deceptive installations and installations through security vulnerabilities.

Adware / malware


Consumer protection warnings (Gratis Internet)

Spam seller

Malware - sends a record of every websearch made, with the user’s IP address

Idownload (e.g. smartshopper)

Deceptive practices


Spam seller

Relevant Knowledge (provisional)

Tracking / adware

Installs tracking software without informed consent (Hotbar)

Spyware / adware

Spam seller


Note that TRUSTe has defended the appearance of many of these sites on its list of sealholders, claiming that they were listed in error:

FunWebProducts, was, by an error in our database listed on our customer list, but it has never been certified, and has never displayed any seals or reference to TRUSTe to consumers.[82]

In total, more than a dozen such errors have been claimed by TRUSTe.[83] Many of the sites were listed in error for over 12 months.[84]

[80] <>, accessed on 29 August 2008.

[81] Edelman B, Certifications and Site Trustworthiness, 25 September 2006, <>.

[82] TRUSTe, TRUSTe Certifications and Online Trust, 25 September 2006, <>.

[83] Porter W, TRUSTe Answers The Challenge and Asks Mr. Edelman To Do The Same..., 2 October 2006, <>.

[84] Edelman B, Certifications and Site Trustworthiness, 25 September 2006, <>.