Online Trust Alliance (OTA)

NOTE: The Online Trust Alliance (OTA) is no longer an active project. The information here is preserved for historical purposes but is no longer being updated.

The Internet Society’s Online Trust Alliance (OTA) was a past project to identify and promote security and privacy best practices that build consumer confidence in the Internet. Leading public and private organizations, vendors, researchers, and policymakers contributed to and followed OTA’s guidance to help make online transactions safer and better protect users’ data. OTA Goals were:

  • Through independent research and benchmark reporting, educate stakeholders on Internet issues impacting user trust and brand reputation;
  • Drive multistakeholder initiatives to develop and advance best practices to protect users’ security, privacy, and identity;
  • Via working groups and committees,  develop industry leadership and harness the power of collaboration, meaningful self-regulation, and data stewardship;
  • Establish and foster partnerships and collaborative learning opportunities; and
  • Empower users to act in their own privacy and security interests.
Some examples of OTA’s past work products include:

Online Trust Audit and Honor Roll


The Online Trust Audit & Honor Roll assesses nearly 1,200 organizations, recognizing excellence in online consumer protection, data security, and responsible privacy practices. This 10th annual audit of more than 1,200 predominantly consumer-facing websites is the largest undertaken by OTA, and was expanded this year to include payment services, video streaming, sports sites, and healthcare.

Cyber Incident & Breach Readiness Guide

2019 marked the Online Trust Alliance’s tenth annual publication related to cyber incidents and breach readiness. Now an initiative of the Internet Society, OTA reviews cyber incident and breach events to extract key learnings and provide guidance to help organizations of all sizes around the world raise the bar on trust through enhanced data protection and increased defense against evolving threats. This Cyber Incident & Breach Trends Report builds on last year’s expanded recognition of threats beyond just data breaches to include ransomware, business email compromise (BEC), distributed denial-of-service (DDoS) attacks and connected device vulnerability.

Email Marketing & Security

The 2018 Audit found that the vast majority of audited online retailers have embraced unsubscribe best practices, going beyond mere compliance, and have shown continued improvement since 2014 despite expanded and more stringent criteria. This year’s Audit examines the entire email engagement process, from signup to receiving email to the unsubscribe user experience and results.

Best Practices

OTA provides best practices, resources, and guidance to help enhance online safety, data security, privacy, and brand protection. To maintain online trust, industry needs to move from a compliance mindset to one of stewardship, while promoting the value exchange consumers receive. Organizations should apply these efforts, following a review of their respective legal, regulatory, and compliance requirements.

OTA Internet of Things (IoT) Initiative & Trust Framework

The IoT Trust Framework® includes a set of strategic principles necessary to help secure IoT devices and their data when shipped and throughout their entire life-cycle. Through a consensus driven multi-stakeholder process, criteria have been identified for connected home, office and wearable technologies including toys, activity trackers and fitness devices.

Visit our IoT Trust Framework page and download the full version or Framework Overview.