Trustmark Schemes Struggle to Protect Privacy (2008)

5. Timing issues

The level of protection offered by a web trustmark depends on the time of a transaction and/or the time of making a complaint. Protection will only be available for the period where the organisation is certified. There may also be other time limits on lodging a complaint.

The biggest timing problem is the volatile nature of membership of trustmark schemes. Memberships often lapse for non-payment. Typically these are quickly renewed but consumers lose their rights (or become confused about their rights) during the intervening period.[53] In the Gratis case (discussed above) the membership status of the company changed almost daily as TRUSTe issued multiple press releases and clarifications.[54] Privacy legislation is far more static by contrast.

Timing issues were also a concern in the GeoCities case, where it appeared that TRUSTe maintained the certification of GeoCities even as they were negotiating a substantial privacy law settlement with the Federal Trade Commission:

In June 1998, the FTC announced - to everyone's surprise - that it and GeoCities had come to a settlement regarding violations of consumer privacy. Everyone was surprised because this was the first anyone had heard of it. Where was TRUSTe? Caught flat-footed, TRUSTe scrambled for a few days, then made its own announcement. It pointed out that GeoCities had begun the alleged privacy violations before applying to become a member (in April) and being accepted (in May). Therefore, TRUSTe claimed, the violations were technically not under the scope of their investigation. But turn that around and put it another way - it was able to become a TRUSTe member even while under investigation by the FTC, and TRUSTe said nothing. [55]

If trustmark schemes will not provide basic information and warnings to consumers because of ‘timing issues’, their value as a privacy protection is significantly diminished.

TRUSTe isn’t the only trustmark scheme that has allowed timing issues to become a barrier to privacy protection. PrivacyBot offers a ‘provisional’ trustmark – a seal that looks exactly the same to the consumer as the regular PrivacyBot seal:

Use our 6 Step Wizard to create a Privacy Policy in about 10 minutes. Your Privacy Policy & Trustmark will be delivered promptly online. Display the Trustmark today on a provisional basis.[56]

A consumer who provided personal information to the site during this ‘provisional’ period receives no protection and cannot use the PrivacyBot complaints service if any problems occur prior to full certification. Provisional periods can be as long as six months. This odd approach displays the high value that trustmarks place on business convenience, and the low value placed on privacy protection.

Also, consumers may lose some rights under trustmark schemes if they don’t complain quickly. Consumers lose their rights under the Guardian privacy seal if they don’t complain of a breach within 25 days of the original transaction.[57] This compares poorly with the time periods used in general privacy and consumer protection law. It also compares poorly with best practice advice for consumers from Privacy Commissioners – for example the Australian Privacy Commissioner encourages people to complain within 12 months of becoming aware of the breach (not the date of the original transaction).[58]

[53] See for example the consumer discussion regarding a lapse in membership of the online retail giant newegg: <>. Also, see the debate regarding the membership of me.dium <>.

[54] Kahney L, Sold Private Data – Despite Promising Not to, 16 March 2006, <>.

[55] Slashdot, TRUSTe Decides Its Own Fate Today, 8 November 1999, <>.

[56] <>

[57] <>

[58] <>