Donate
‹ Back
Building Trust 18 September 2015

Online Trust Alliance Audit Finds 74% of U.S. Presidential Candidates’ Websites Fail to Respect Americans’ Privacy

 
Candidates are sharing, selling & trading sensitive data
 

BELLEVUE, Wash. September 18, 2015 – The Online Trust Alliance (OTA), the non-profit with the mission to enhance online trust, today released its Presidential Candidate Online Trust Audit. The report evaluates the privacy, security and consumer protection practices of the top presidential candidates’ websites. After a thorough assessment, 17 of the 23 websites, or 74 percent received failing grades.

Conversely, the 26 percent that passed performed so admirably that they achieved “Honor Roll” status. There was no middle ground—either the websites had failing or excellent scores.

Poor Privacy Practices
All the failures can be attributed to troubling privacy practices, with 74 percent of candidates’ websites scoring an “F” grade in this category. Some websites failed due to nonexistent or inadequate privacy policy disclosures. Others flunked because they reserve the right to liberally share or sell their donors and site visitors’ personally identifiable information (PII), including addresses, phone numbers, employers and even passport numbers, with unaffiliated third parties that the candidates deem as like-minded organizations.

“Although political websites may not be beholden to the same security and privacy standards as industry, our findings clearly reveal that these campaigns’ data practices are out of alignment with consumer expectations and Federal Trade Commission guidelines for the business community,” said Craig Spiezle, Executive Director and President of OTA. “In this era of consumers’ mounting distrust of data and privacy practices, candidates must move beyond a compliance mindset and embrace responsible data stewardship.”

OTA recommends that voters review a candidate’s site for published privacy policies before making a donation or completing an online form. Unfortunately, 17 percent of the evaluated websites did not even have a discoverable privacy policy. Failure to disclose such information potentially puts candidates at odds with various federal and state regulations.

Bright Spots: Security and Consumer Protection
On a positive note, the candidates’ websites received excellent scores for server security, with only one site having an observed vulnerability (not serious enough to fail). This trend can be ascribed to the adoption of best practices and the fact that they are all relatively simple, recently built sites. 70 percent of the sites have implemented Always-On SSL, which encrypts the web session between the user and website, enhancing both data security and privacy of the user. 

All candidates had excellent consumer protection scores. This category accounts for measures implemented to help protect one’s domain and email communications from eavesdropping through the adoption of best practices including email encryption and authentication protocols. This is important because deficiencies in this area can put campaigns at risk of phishing schemes whereby cybercriminals use spoofed domains to send fraudulent emails that appear to be from the candidate. Recipients are then tricked into donating money or revealing personal information, putting them at risk for identity theft.

Passing and Failing Candidates
The breakdown of candidates whose websites made OTA’s Honor Roll or failed the evaluation is as follows:

2016 Presidential Candidates
Honor Roll       Failing Grades
Jeb Bush (R)  Ben Carson (R)
Lincoln Chafee (D) Hillary Clinton (D)
Chris Christie (R) Ted Cruz (R)
Martin O’Malley (D) Carly Fiorina (R)
Rick Santorum (R) Jim Gilmore (R)
Scott Walker (R)  Lindsey Graham (R)
  Mike Huckabee (R)
  Bobby Jindal (R)
  John Kasich (R)
  Lawrence Lessig (D)
  George Pataki (R)
  Rand Paul (R)
  Marco Rubio (R)
  Bernie Sanders (D)
  Jill Stein (G)
  Donald Trump (R)
  Jim Webb (D)

The complete report and methodology is posted at here.  

About OTA: 

The Online Trust Alliance (OTA) is a non-profit with the mission to enhance online trust and user empowerment while promoting innovation and the vitality of the Internet. Its goal is to help educate businesses, policy makers and stakeholders while developing and advancing best practices and tools to enhance the protection of users’ security, privacy and identity. OTA supports collaborative public-private partnerships, benchmark reporting, and meaningful self-regulation and data stewardship. Its members and supporters include leaders spanning the public policy, technology, ecommerce, social networking, mobile, email and interactive marketing, financial, service provider, government agency and industry organization sectors.

‹ Back

Related resources

OTA’s Trust Audit Scores U.S. Presidential Candidates’ Campaigns, Finds Major Failures in Privacy Statements
Building Trust8 October 2019

OTA’s Trust Audit Scores U.S. Presidential Candidates’ Campaigns, Finds Major Failures in Privacy Statements

Reston, VA. – October 8, 2019 – The Internet Society’s Online Trust Alliance (OTA), which identifies and promotes security and privacy best...

Online Trust Alliance Finds 46% of IRS Free E-File Tax Services Fail to Adequately Protect Consumers
Building Trust17 June 2016

Online Trust Alliance Finds 46% of IRS Free E-File Tax Services Fail to Adequately Protect Consumers

Wed, Feb 24, 2016 Updated June 17, 2016 Editor’s Note - Since the original audit all eFile sites were re-audited...

OTA Audit Finds More Websites Than Ever are Trustworthy; Yet Increasing Disparity
Building Trust20 June 2017

OTA Audit Finds More Websites Than Ever are Trustworthy; Yet Increasing Disparity

The Online Trust Alliance (OTA), an Internet Society initiative with the mission to promote best practices for online trust, announced...

Join the conversation with Internet Society members around the world