Building Trust 1 June 2017

OTA Members Reflect on Accomplishments Driving Online Security & Responsible Privacy

For more than a decade, the Online Trust Alliance has enhanced online trust and is now building for the future as an Internet Society initiative

Bellevue, Wash. – As the Online Trust Alliance (OTA) combines resources with and becomes a key initiative of the Internet Society (ISOC), OTA’s members today reflected on what the non-profit has accomplished since it was founded in 2004. Over the past 12 years OTA has continually played a pivotal role in online security and privacy by providing important data, tools and guidance to help fight online abuse and fraud while empowering businesses, government agencies, consumers and the online community at large to help enhance online trust and improve the resiliency of the Internet.  See Media Coverage >

OTA was formed by Craig Spiezle during his tenure at Microsoft in 2004, who at the time was a senior director in the online safety group. He recognized that the industry and standards community were at an impasse and the levels of spam and malicious email were having a significant impact on consumers and businesses worldwide. Under Spiezle’s vision and passion for taking on hard and complicated issues, he successfully convened a diverse group of stakeholders to work together toward the common goal of increasing transparency and trust in the online ecosystem. Since his early days of driving email authentication standards, to the development of extended validation SSL certificates and most recently the IoT Trust Framework and guidelines to fight malvertising, his leadership and commitment to working with diverse stakeholders has been recognized as a “voice of reason.”

“As a founding member of OTA, I am proud of the role the organization has played in bringing together public and private sector stakeholders to develop best practices that maximize online consumer trust. Craig’s leadership, forward thinking, agility and understanding of real-world issues and public policy has directly led to OTA’s accomplishments. He has positively shaped the world of data security and privacy,” said John Scarrow, General Manager of Safety Services, Microsoft.

“Spiezle’s passion for the security, privacy and trustworthiness of the Internet has had a substantial impact on users worldwide. As one of the first to champion responsible and ethical privacy practices, and the importance of moving from compliance to stewardship, he has equally shown leadership in the security and privacy communities,” said Sal Tripi, AVP, Publishers Clearing House.

“Threats continue to increase exponentially in both frequency and sophistication. OTA, under Spiezle’s leadership and vision bringing the public and private sectors together, has played a pivotal role in helping us stay a step ahead of cyber attackers. By joining forces with the Internet Society, OTA once again proves its commitment to increasing cybersecurity awareness and online privacy through continued collaboration, education and innovation,” said Neill Feather, President, SiteLock.

“Craig’s vision of creating and continually enhancing the Online Trust Audit has been instrumental in driving sound security and responsible business practices globally. His forward thinking and objectiveness in driving the OTA’s Online Trust Audit has been invaluable to the industry and policy makers worldwide,” said Neil Daswani, Consumer Chief Information Security Officer, Symantec Corporation.

Some of OTA’s specific accomplishments that have helped improve and increase awareness of cybersecurity and online privacy include:

  • Creating and publishing the annual benchmark Online Trust Audit & Honor Roll, focusing on domain security, privacy and consumer protection, recognizing excellence in security and responsible privacy practices. Today, in its ninth year, the Audit is the only independent benchmark report tracking business and security practices of the leading consumer-facing websites.
  • Publishing the annual Cyber Incident & Breach Readiness Guide as a tool to help prevent, detect, mitigate and respond to cyber incidents. The guide, which is in its ninth year, provides organizations prescriptive and actionable advice.
  • Developing the IoT Trust Framework, the most comprehensive and prescriptive guidance to address core security, privacy and sustainability requirements for Internet of Things devices. The Framework reflects input from hundreds of industry leaders including ADT, Microsoft, the National Association of Retailers, Symantec, Verisign and others.
  • Creating the OTA’s Email Marketing & Unsubscribe Audit report. As the first such effort to measure email practices, for past three years OTA has analyzed the world’s largest 200 ecommerce companies’ email marketing practices for end-to-end user experience, from signup through unsubscribe. The effort has accelerated the adoption of safe and transparent unsubscribe practices to help protect consumers’ inboxes and provide brands the ability to better address users’ needs.
  • Providing formal briefings to U.S. government agencies. OTA Founder and President, Craig Spiezle, has been called on numerous times to testify in front of U.S. Congress and brief the White House and congressional members on topics such as IoT security and privacy dangers, drone security and privacy, cybersecurity policy and data sharing.
  • Driving adoption of Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain Message Authentication Reporting & Conformance (DMARC). Combined they are an effective strategy to help counter email abuse and business email compromise as leading attack vectors that drive breaches, ransomware and account takeover.
  • Articulating the business and consumer protection value of Extended Validation Secure Sockets Layer (EV SSL) certificates.
  • Providing a global forum to educate, discuss and advance balanced online security and privacy public policy, mutually benefiting consumers, businesses and government including hosting multi-stakeholder initiatives to address the security risks of botnets, ransomware, ICANN top-level domain (TLD) changes and malvertising.

“I am proud of how OTA has and will continue to advocate how essential trust is to the foundation of the Internet and the importance to move beyond online security and privacy compliance to stewardship,” said OTA Founder and President, Craig Spiezle. “As OTA is now part of the Internet Society, I look forward to our mission and principles being embraced and amplified building upon OTA’s accomplishments.”

“OTA’s long tradition of prescribing best practices to improve online security and privacy, and then measuring their adoption and recognizing stewardship, is a key reason we wanted OTA as part of the Internet Society,” said Internet Society Chief Internet Technology Officer, Olaf Kolkman. “We look forward to expanding OTA’s efforts, and to Craig’s leadership and guidance as a strategic advisor to ISOC going forward.”

This April, OTA and the Internet Society (ISOC) announced that the two global non-profit organizations were combining resources, expanding the reach and impact of OTA to a broader group of stakeholders and industry members. Under the agreement, OTA will operate within the Internet Society, and members will automatically become members of Internet Society’s Organizational Member Advisory Council.

More details about OTA’s history are here

About OTA:

The Online Trust Alliance (OTA) is an initiative within the Internet Society (ISOC), a 501c3 charitable non-profit with the mission to promote the open development, evolution, and use of the Internet for the benefit of all people throughout the world. OTA’s mission is to enhance online trust, user empowerment and innovation through convening multi-stakeholder initiatives, developing and promoting best practices, responsible privacy practices and data stewardship. To learn more about the Internet Society visit

Related resources

Building Trust 8 October 2019

OTA’s Trust Audit Scores U.S. Presidential Candidates’ Campaigns, Finds Major Failures in Privacy Statements

Reston, VA. – October 8, 2019 – The Internet Society’s Online Trust Alliance (OTA), which identifies and promotes security and privacy...

Building Trust 25 September 2019

The Internet Society’s Online Trust Alliance Announces Methodology for Eleventh Online Trust Audit and Honor Roll

Criteria updated to include increased focus on encryption and global privacy regulations; international retail segments added

Building Trust 9 July 2019

Internet Society’s Online Trust Alliance Reports Cyber Incidents Cost $45B in 2018

Reston, VA – July 9, 2019 – The Internet Society’s Online Trust Alliance (OTA), which identifies and promotes security and privacy...