Archives

Online Assurance Programs

Online assurance programs were created to independently regulate information privacy and build consumer trust, especially with regard to Internet transactions. These programs play a big role in countries, like the United States, which rely on industry self-regulation, rather than strong government oversight to ensure the protection of consumer data.

What are Online Assurance Programs?

Online assurance programs are a broader term for a number of organizations and associations that have created a set of privacy standards that all of its members or clients have agreed to abide by. These programs allow self-regulation of privacy. By becoming a member of a consumer protection association or participating in a trust seal program, businesses build consumer confidence and increase consumer traffic, theoretically pushing companies without privacy guarantees out of business.

Online assurance programs often also provide dispute resolution services to businesses participating in their program. Should a customer file a privacy complaint against them, by law, a business is required to investigate the complaint. Dispute resolution services provide consumers with an impartial third party to investigate privacy disputes and provide businesses, who otherwise might not have the means, to investigate disputes using privacy professionals.

Examples of Online Assurance Programs Around the World

TRUSTe

TRUSTe was the first and continues to be the largest web privacy seal organization. It provides assurance seals for web privacy, email privacy, EU Safe Harbor compliance and COPPA compliance. All participants are required to follow TRUSTe’s privacy standards. To participate, businesses sign a contract with TRUSTe who then conducts an investigation into the website’s privacy policies and technology. TRUSTe makes recommendations and once the suggestions are implemented the company receives the TRUSTe seal.  Participants continue to be monitored through dispute resolution and periodic scanning. TRUSTe also maintains a directory of trusted sites for consumer access and use.

BBBonline

BBBonline is an extension of the Better Business Bureau Organization, which was founded in 1912 to promote fair marketing practices and build trust among buyers and sellers. In addition to safeguarding privacy, business accreditted with BBBonline must follow a code of business practices. These include promises to build trust, advertise honestly, tell the truth, honor promises, be responsive and transparent, and embody integrity.

Network Advertising Initiative

NAI is a cooperative agreement between online marketing and analytics companies to build consumer awareness and implement and abide by effective privacy practices. One of the most significant features of the NAI is their Opt Out of Behavioral Advertising tool which tells a user which of its members have placed cookie files on their hard drive and allows them to change their consent options according to their preferences. Users will still see online advertising on websites, but by opting out, the companies involved in the Network Advertising Initiative will no longer collect information about a user’s web activity to create tailored advertising.

US Direct Marketing Association

The Direct Marketing Association is a group of trade organizations which promote direct marketing to consumers. Though the DMA’s purpose is to increase the use and efficacy of direct marketing, which includes the use of spam and unsolicited marketing messages, the DMA also promotes fair marketing practices and consumer awareness programs including consumer preference services such as DMAchoice, telephone and fax preference services, which provide consumers with consent options with regard to marketing messages.

The Japanese Information Processing Development Cooperation

JIPDEC was created to develop IT technologies and policies. Recently it has been a major contributor to the development of Japan’s information privacys law and the development of the the Privacy Mark System which functions similarly to a privacy seal program. In the Privacy Mark System, third-parties evaluate a business’s compliance with Japan’s data protection laws and any problems are rectified before a business may display the PrivacyMark.

Health Information Trust Alliance

The HITRUST is a collaboration between healthcare, business and technology organizations to help manage personal health information and use IT effectively to comply with HIPAA and HITECH regulations. HITRUST created a common security framework which helps organizations implement information security according to the information they handle and the associated regulations. The common security framework is free to use. Unlike other organizations HITRUST does not require compliance with a set of practices or codes, but does promote protection of information by helping companies understand privacy law and develop effective, relevant information security and privacy practices.

European Privacy Seal

EuroPriSe is the European equivalent of trust seal programs. EuroPriSe was developed out of a desire to have independent regulation of data protection in addition to government regulation. To obtain a privacy seal, independent privacy experts conduct an investigation. The government accredited certification body evaluates the report for compliance with the Data Protection Directive and other European privacy laws. If found to be compliant, the IT product or service is given the European Privacy Seal. EuroPriSe does not provide dispute resolution services since data protection complaints are handled under the Data Protection Directive.

Summary

The number one objective of online assurance programs is to build trust with consumers. Whether an organization oversees compliance through the use of privacy seals or use cooperative agreements to comply with a set of standards, businesses are making privacy an important feature in building strong, effective, long-standing relationships with customers.

CIPP Candidate Preparation

In preparation for the Certified Information Privacy Professional exam, a privacy professional should be comfortable with topics related to this post including:

  • Online Assurance including trust seal, dispute resolution programs and self regulatory frameworks. (III.B.l.i-iii.)
Share

Leave a Reply

 

 

 

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>