HomeBest PracticesIndustry Best Practices

Industry Best Practices

OTA provides the following best practices, resources and guidance to help enhance online safety, data security, privacy and brand protection.   To maintain and enhance online trust, industry needs to move from a compliance mindset to one of stewardship, while promoting the value exchange consumers receive. Organizations should consider these efforts and apply to their organizations as applicable, following a review of their respective legal, regulatory and compliance requirements.

OTA Requests Public Comments for 2018 Online Trust Audit Methodology

Thu, Sep 21, 2017

Reston, VA – The Online Trust Alliance (OTA), an Internet Society initiative, today issued a call for public comments about criteria for inclusion in its 2018 Online Trust Audit. Now in its tenth year, the Audit is recognized as benchmark research evaluating responsible online privacy and data security practices of more than 1,000 consumer-facing organizations across the public and private sectors.

Site Vulnerability & Bug Reports

OTA is committed to the adoption of security and privacy best practices.  Recognizing the evolving threat landscape, we welcome responsible and coordinated disclosures to help improve the security of our site.   Please allow 72 hours for an intial reply and initiate investigations and risk assessments.    Note unless requested otherwise by the submitter, after investigation and resolution, we will provide affirmation to confirmed and resolved reports.

Information Required

Marketing & Unsubscribe Best Practices

Consumers often react negatively to email which they feel is irrelevant to their interests or which may be sent to their inboxes too frequently. Today ISPs are placing added weight on user engagement to make a determination on the placement of email into the user’s inbox, junk or spam folder. With these considerations, it is in any marketer’s best interest to create a trustworthy unsubscribe mechanism for their recipients. The opt-out function should be easily discoverable and useable. OTA encourages mailers to move past the minimum compliance requirements outlined in the U.S. CAN-SPAM Act and the recently passed Canadian Anti-Spam Legislation (CASL). More >

Native Advertising

Advertising & Content Integrity Working Group   I   Anti-Malvertising    I   Native Advertising

State of Native Advertising Transparency Report - August 3, 2016
Disclosure, Discoverability & Delineation

Transport Layered Security (TLS) for Email

Today email is effectively a plaintext communication sent from email clients to receiving email servers or from one server to another.  This design limitation leaves the content of a message in transit open for anyone to eavesdrop; from a wireless hotspot at the airport or coffee shop to your ISP and internet backbone providers that carry your messages throughout the world.

Subscribe to Industry Best Practices