‹ Back
Building Trust 14 September 2016

Online Trust Alliance Requests Public Comment for 2017 Online Trust Audit Methodology

Annual trust assessment recognizes companies’ commitment to security & privacy

BELLEVUE, Wash. and SAN JOSE, Calif. – The Online Trust Alliance (OTA) today issued a call for public comments on criteria for inclusion in the 2017 Online Trust Audit. Now in its ninth year, the Audit is recognized as benchmark research for evaluating responsible privacy and data security practices of over 1,000 consumer facing sites across the public and private sectors. Speaking at the IAPP’s Privacy. Risk. Security Conference session tomorrow entitled “Making The Grade: Moving from Compliance to Stewardship,” OTA will be critiquing 2016 results and inviting suggestions for best practices which further enhance consumer protection, data security and user privacy.

The primary goals of the Audit include:

  1. Provide benchmark tracking of industry standards and best practices.
  2. Giving prescriptive tools and resources to aid companies in enhancing their practices. 
  3. Reward and recognize organizations achieving top scores, demonstrating a commitment to online trust and consumer protection.

As the only comprehensive, independent, online trust benchmark study, the Audit evaluates sites on three primary categories including security, privacy and consumer protection practices. The Audit includes over 50 criteria ranging from site security and privacy policies to prevalence of third party data tracking and sharing to reputation analysis of domains, IP addresses and marketing practices. Sectors evaluated include banking, ecommerce, online services, content and public sector government sites.

This year a record 50 percent of sites achieved scores of 80 percent or higher, confirming that while the bar is raised every year, the criteria are achievable by organizations of all sizes in all industries. OTA updates the criteria and scoring models annually, incorporating input from industry, government agencies, consumer groups, trade associations, and generally accepted and deployed security standards. The 2016 methodology is supported by data provided through a combination of leading technology providers and OTA’s internal assessment tools.

“In order to maintain consumer trust and confidence and spur the vitality of online services, it is imperative that organizations double-down on security and privacy measures,” said Craig Spiezle Executive Director and President, Online Trust Alliance. “The Online Trust Audit recognizes companies embracing data stewardship, transparency and a commitment to consumer protection.”

In order to be considered, recommendations for new or revised metrics must: 

  1. Be vendor neutral and reflect generally accepted industry and business standards
  2. Allow for automation (i.e., must not require manual data collection)
  3. Be applicable internationally and across banking, ecommerce, online services, public sector government and news/media sectors

OTA’s Internet Trustworthy Working Group is currently evaluating possible additions including adoption of multi-factor authentication, business reputation scoring and email marketing practices. In addition, assessment of sites’ publically discoverable vulnerability reporting mechanisms is under consideration to promote responsible vulnerability disclosures.

Comments for the 2017 methodology should be submitted to OTA via email to [email protected] in a word document or PDF.  All submissions must include contact information and an outline of the criteria and reference material to be considered for inclusion. The deadline is 5 PM PST, Thursday, November 3, 2016. OTA may post all submissions unless they are marked confidential  More Information

About OTA: 

The Online Trust Alliance (OTA) is a non-profit with the mission to enhance online trust and user empowerment while promoting innovation and the vitality of the Internet. Its goal is to help educate businesses, policy makers and stakeholders while developing and advancing best practices and tools to enhance the protection of users’ security, privacy and identity. OTA supports collaborative public-private partnerships, benchmark reporting, and meaningful self-regulation and data stewardship. Its members and supporters include leaders spanning the public policy, technology, ecommerce, social networking, mobile, email and interactive marketing, financial, service provider, government agency and industry organization sectors.

‹ Back

Related resources

OTA Requests Public Comments for 2018 Online Trust Audit Methodology
Building Trust21 September 2017

OTA Requests Public Comments for 2018 Online Trust Audit Methodology

Reston, VA – The Online Trust Alliance (OTA), an Internet Society initiative, today issued a call for public comments about...

OTA Announces Methodology for Ninth Annual Online Trust Audit
Building Trust31 January 2017

OTA Announces Methodology for Ninth Annual Online Trust Audit

Jan. 31, 2017 - Bellevue, Wash. & Washington DC - The Online Trust Alliance today released the methodology for the...

OTA Announces Methodology for 2015 Online Trust Audit & Honor Roll
Building Trust2 March 2015

OTA Announces Methodology for 2015 Online Trust Audit & Honor Roll

Seattle, Washington - The Online Trust Alliance announced today the methodology behind their forthcoming 2015 Online Trust Audit and Honor...

Join the conversation with Internet Society members around the world