Social Media and eCommerce Sites Lead in
Security and Privacy
Banking and U.S. Government Show Growth But
Lag in Adoption of Best Practices;
OTA Introduces Online Trust Index Measuring Ability to Protect Site Visitors
- Internet Retailer Conference and
Exhibition - June 6, 2012 - The Online
Trust Alliance (OTA) today released the fourth annual Online Trust Honor
Roll recognizing website adoption of key technologies to help protect
consumer privacy and security. The OTA 2012 Online Trust
Honor Roll, determined by a composite analysis of ten security and
privacy best practices, honors approximately 30% of top eCommerce sites, 20%
of FDIC 100 sites, and 50% of Social Media sites. Offering comparability for
market segments, OTA is also introducing the Online Trust IndexTM
which calculates an overall security and privacy metric taking into account
key efforts for each industry segment.
Social media and eCommerce sites represent the
strongest sectors in terms of supporting privacy and security best
practices, and scored average OTIs of 75.6 and 75.1 respectively, based on a
normalized score of 1 to 100. Surprisingly, the FDIC 100 received the
lowest OTI, 65.5, reflected in part by their broad data sharing practices,
occurrences of loss incidents and lower levels of support of key technology
Based on OTA's review of over 1,200 sites, several
companies stand out as leaders, including Twitter, who scored at the top of
nearly every criteria and recently embraced the support of Do Not Track (DNT) privacy preferences, demonstrating commitment to self-regulation.
Other leading recipients include American Greetings Interactive, Bank of
America, Costco, Charles Schwab, eHarmony, PayPal, Publishers Clearing
House, Walmart and Zynga.
"OTA's work to recognize best practices for sites
underscores the importance of focusing on security and privacy
holistically," said Craig Spiezle, executive director and president, Online
Trust Alliance. "This year's honor roll recipients have demonstrated
exceptional leadership and commitment towards consumer protection and to
enhance the vitality of the internet."
"We've been working on a number of ways to
update the security of our service and systems," said Bob Lord, Twitter
security chief. "We're honored by the recognition the OTA has given us, and
support their hard work in this area. We share their holistic approach to
security and privacy in pursuit of the best possible user experience."
"We're humbled by the recognition from
the Online Trust Alliance," said Nils Puhlmann, Chief Security Officer,
Zynga. "Our philosophy is to protect how we work and play, and we
consistently focus on maintaining and protecting the trust of our customers.
Organizations like the OTA are essential for delivering industry best
practices, and we'll continue to work hand-in-hand with the community to
bring new issues to light and solve challenges."
"Maintaining the trust and integrity needs to be a
priority for all online businesses," said Sal Tripi, Assistant VP, Digital
Operations and Compliance, Publishers Clearing House. "We are proud to be
have qualified for the 2012 Online Trust Honor Roll. Data stewardship
and the voluntary adoption of security and privacy best practices is the
foundation for a safe, secure and vital ecosystem."
Highlights of the OTA 2012 Online Trust Honor
Roll and Scorecard:
Nearly 30% of the sites earned entry into the Honor
Roll, for successfully implementing several key best practices including
maximizing SSL server security, adopting privacy best practices and
Email authentication adoption continues to rise, with
more than 68% of top 100 ecommerce sites have adopted both SPF and DKIM.
Average SSL scores for all sectors ranged from
approximately 68% (Federal Gov't) to 80% (Social Media).
Worldwide adoption of EV SSL certificates increased
48% over 2011.
66% of OTA members qualified for the Honor Roll,
reflecting their commitment to online trust and self-regulation.
About The Online Trust Alliance
The Online Trust Alliance (OTA) is a member-based
non-profit representing the global internet ecosystem - including the public
and private sectors. OTA's mission is to develop and advocate best practices
and public policy which mitigate emerging privacy and security threats while
enhancing online trust, innovation and the vitality of the digital economy.
OTA is committed to protection of critical infrastructure, balanced
legislation and data protection through the promotion of best practices,
benchmark reporting, and self-regulation. For more information, visit:
Revised April 6. 2014