Risk
12/15/2008
04:17 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Google No Longer Among Top 20 Most Trusted Companies For Privacy

A consumer-opinion survey found that Apple, Facebook, Yahoo, and other companies outranked Google in trustworthiness and protection of personal information.

Google is no longer ranked among the top 20 most trusted companies for privacy, but Apple, Facebook, and Yahoo for the first time are.

On Monday, the Ponemon Institute, a privacy and information security research company, and Trust-e, a privacy certification service, released their annual "Most Trusted Companies For Privacy" survey.

The study sought opinions from 6,486 U.S. adult consumers about which companies they thought were most trustworthy and did the best job protecting personal information.

Google ranked 10 in the Ponemon/Trust-e surveys conducted in 2007 and 2006. The company didn't comment on why public perception may have changed, but said that user trust remains critical to its business.

"In our quickly evolving business environment, ensuring that we earn and keep our users' trust is an essential constant for building the best possible products," a Google spokesperson said in an e-mailed statement. "We work hard to earn and keep that trust with a long-standing commitment to protect to the privacy of our users' information. The bedrock of our privacy philosophy is to be transparent about our approach to privacy and to give users meaningful control, and we continue to work to put these principles into practice and improve user privacy."

The top 20 companies for 2008 -- 23 actually, due to three ties -- are: 1) American Express; 2) eBay; 3) IBM; 4) Amazon; 5) Johnson & Johnson; 6) Hewlett Packard and U.S. Postal Service; 7) Procter & Gamble; 8) Apple; 9) Nationwide; 10) Charles Schwab; 11) USAA; 12) Intuit; 13) WebMD; 14) Yahoo; 15) Facebook; 16) Disney and AOL; 17) Verizon; 18) FedEx; 19) US Bank; 20) Dell and eLoan.

However, such ratings should be viewed with some skepticism. As last year's survey explained, "... the consumer ratings may not reflect at all the actual privacy practices of the company and its good effort to protect the personal information of its customers and employees. Further, what a company does in the area of privacy and data protection can be invisible to the customer until he or she experiences a data breach and seeks redress or has a question that needs to be answered."

Indeed, the presence in the top 20 this year of Facebook, despite the outcry it faced over the privacy implications of its Beacon advertising system late last year and earlier this year, suggests popularity may weigh more heavily in the rankings than actual practices.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: No, no, no! Have a Unix CRON do the pop-up reminders!
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.