As the Internet has grown, so have the responsibilities of companies that engage in online business. At the heart of these responsibilities is consumer data management — collection, use, storage and protection. Many organizations do not have the necessary infrastructure and policies in place to safeguard consumer data, which is evident by the growing number of data breaches and cases of data misuse.
To encourage business accountability, the Online Trust Alliance (OTA) has developed Trust Principles, which reflect the consensus of OTA member companies around the globe. The OTA Trust Principles underscore the need and opportunity for increased business accountability, data stewardship and practices to improve consumer choice, preferences and control of data.
The Trust Principles are broken down into three main categories: system infrastructure, data-loss prevention, and user choice, control and privacy. And while the Trust Principles complement self-regulation principles released by other organizations, the OTA plans to apply a compliance measurement framework to strengthen self-regulation. This framework will include tracking and public reporting, similar to OTA scorecards for email authentication and adoption of EV SSL Certificates.
Advertisers, service providers and site publishers are encouraged to review and adopt the applicable principles. By following these best practices, your company will be better prepared should there be stronger enforcement measures.
Key indicators of stronger enforcement:
— David Vladeck, head of the Bureau of Consumer Protection at the FTC, has stated “We’re happy to see industry trying to police itself, but I don’t think that’s sufficient.”
— Rep. Rick Boucher (D-Va.), chairman of the House Commerce Committee’s Subcommittee on Communications, Technology and the Internet, is drafting a bill that would impose broader rules on websites and advertisers to give consumers more control over their information.
— The FTC is hosting a roundtable series beginning in December titled “Exploring Privacy.”
How confident are you that your current business practices would pass regulatory scrutiny? If you are not confident in your business practices, use the Trust Principles as a self-assessment guide to audit your policies. A few changes could help you avoid a crippling data breach or prevent a hefty fine.