The 2016 Online Trust Audit and Honor Roll shines a light on trust in security, privacy and consumer protection practices, recognizing excellence and leadership while highlighting key areas for improvement. This year OTA documented a record level of achievement with 50% of audited companies qualifying for the Honor Roll despite a higher bar and more stringent criteria. This performance is gratifying.
The primary goals of the Audit includes driving adoption of best practices and provide resources to aid companies in enhancing their security, data protection and privacy practices. The secondary goal is to recognize companies who have demonstrated a commitment to online trust and consumer protection by designating them as recipients of the 2016 Online Trust Honor Roll. Last but not least, a third goal is to provide an incentive for consumer-facing brands to make security and privacy part of their brand promise.
As reviewed at the media briefing on June 14th and panel moderated by David Valdeck of Georgetown University with Twitter, American Greetings Interactive, Living Social and the National Association of REALTORS, having a security and privacy focus is a key success factor. This year’s performance shows that more companies than ever use widely recognized standards and best practices to ensure trustworthy experiences online. In fact, this year’s high performance drove a new categorization of “Top of the Class” recognizing sites with total scores of 95% or higher.
The top 10 scoring sites include:
|1. Twitter (twitter.com)||6. FileYourTaxes (fileyourtaxes.com)|
|2. HealthCare.gov (healthcare.gov)||7. LifeLock (lifelock.com)|
|3. Pinterest (pinterest.com)||8. Instagram (instagram.com)|
|4. The White House (whitehouse.gov)||9. 1040.com (1040.com)|
|5. Dropbox (dropbox.com)||10. The Gap (gap.com)|
While the top 10 include many widely recognized names, it’s important to note that Honor Roll companies are not only those with huge operations or extensive resources. Among the top 500 Internet Retailers, for example, Honor Roll awardees includes both the largest (#1) and almost the smallest (#493) illustrating that excellence in trust is attainable by every organization. The issue is not resources or obscure, expensive technology – the only requirement is the will to take action, learning about known, established techniques, then implementing them.
In spite of the positive news overall, several areas of concern remain, especially when looking at the detail. The overall failure rate of 42% is lower than last year, but still notable. Too many sites still fail to take relatively straightforward steps to address consumer/brand protection practices (including use of top level domain DKIM, DMARC, etc.). Site security metrics show wide variation in adoption (or not) of key standards advocated by the FDIC, IRS, OMB and industry. Responsible privacy practices still lag, especially where business models drive unfettered data sharing, including a concerning number of sites are in violation of California Do Not Track disclosure requirements.
OTA salutes the 2016 Honor Roll recipients and is proud of the contribution the Online Trust Audit has made to driving adoption of best practices. At the same time we are concerned on the number of sites who fail. OTA calls on all sites to double down on their security investments and adopt responsible privacy practices.
To learn more about the 2016 Online Trust Audit & Honor Roll, join us on June 28, for the Highlights Webinar. Register Today