Last week, TRUSTe, Inc. (“TRUSTe”) settled Federal Trade Commission (“FTC”) charges that it misrepresented its certification programs and non-profit status to consumers.  TRUSTe offers clients Certified Privacy Seals, representing to consumers that the website, software, data processing service, or mobile application is compliant with the relevant TRUSTe program.  These programs include specifications related to transparency of company practices, verification of privacy practices, and consumer choice regarding the collection and use of consumer personal information.

The FTC’s complaint alleges that TRUSTe represents that it annually recertifies all companies displaying the Certified Privacy Seal to ensure ongoing compliance with the program requirements, however, from 2006 until January 2013, TRUSTe did not do so in over 1,000 instances.  According to the complaint, prior to its transition to a for-profit entity in July 2008, TRUSTe required its clients’ privacy policies to include a statement that “TRUSTe is an independent, non-profit organization.”  The FTC also alleges that TRUSTe recertified clients who failed to update references to the company’s for-profit status.

The proposed consent order requires TRUSTe to not misrepresent (i) its corporate status, (ii) the steps it takes to evaluate, certify, review, or recertify a company’s privacy practices (and the frequency with which it does so), and (iii) the extent to which clients comply with any TRUSTe privacy program.  The order also requires TRUSTe, as an operator of a COPPA safe harbor program, to provide detailed information about its COPPA programs as part of its annual filing to the FTC, in addition to maintaining comprehensive records about this program, for ten years.  TRUSTe also must pay $200,000 as part of the settlement.  The FTC’s order is silent with respect to any ramifications for companies that had obtained certifications from TRUSTe.

FTC Chairman Edith Ramirez stated, “TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge.  Self-regulation plays an important role in helping to protect consumers.  But when companies fail to live up to their promises to consumers, the FTC will not hesitate to take action.”