5/21/2009
02:42 PM
Dark Reading
Products and Releases

Online Trust Alliance Issues Draft Principles For Online Trust

Principles help establish business practices that provide consumer, e-commerce, online marketing protection

Seattle, WA - May 20, 2009 - Today the Online Trust Alliance (OTA) released its 2009 draft Online Trust Principles for public comment. The Principles are a major step toward establishing business practices that afford greater consumer online protection and the long-term vitality of online commerce and interactive marketing.

After a 30-day comment period and subsequent ratification, OTA will work with business and regulatory agencies to drive adoption - focusing on leading ecommerce and banking sites that are stewards of significant amounts of consumer data and, therefore, at risk as frequent targets of online exploits. Those brands which show the highest level of support will be recognized and be eligible for OTA's annual online safety awards.

"Implementation of these Principles is not only achievable but required to ensure consumers' peace of mind and protect the online economy from abuse," said OTA Founder and Chairman Craig Spiezle. "We look forward to our continuing work with the world's leading brands and organizations to help them realize a new level of trust with their customers."

The Online Trust Principles are broken down into three categories:

1) Infrastructure, protection of servers, web sites, desktops and mobile devices
2) Data, that includes both sensitive and Personally Identifiable Information (PII)
3) User Control, Choice and Privacy

Taken together, these Principles will help prevent, detect and remediate threats and business practices that can compromise consumers' online trust and confidence, including their identity and privacy. Copies of the draft Principles may be found at https://www.otalliance.org/resources/principles.html.

"Publishers Clearing House is proud to work with OTA on this critical and timely mission. It is our belief that marketers and brands should be working closely with industry associations in order to develop a comprehensive plan aimed at protecting our consumers and the online community," said Andy Goldberg, Publishers Clearing House President and CEO. "Consumer trust and confidence in the online ecosystem is a critical component for the success of the Publishers Clearing House online network."

OTA's position is that adherence to these Principles should be mandatory for all companies engaged in ecommerce and online banking. They are consistent with FTC and European mandates and guidelines that stipulate businesses apply "reasonable security" in protecting sensitive personal information. These Principles exemplify industry and government collaboration and demonstrate a shared commitment to self-regulation and accountability in order to help provide consumer choice and protection.

As part of its international charter, OTA will be hosting a Town Hall discussion on the Online Trust Principles in Copenhagen on Thursday June 4th and in Amsterdam on Monday June 8th. Supported in part by European Steering Committee member Secunia, and the Dutch Email Marketing Associations, these events will be an opportunity for all parties to participate in this important dialogue. Subsequent town halls are being planned for Singapore and Australia. Details are posted at https://www.otalliance.org/events/index.html

Companies and individuals should submit their comments for the Online Trust Principles on their company letterhead to [email protected]. Unless requested not to, OTA may, at its sole discretion, make all submissions public.

About The Online Trust Alliance (OTA)
https://otalliance.org/

The mission of OTA is to create a trusted global online ecosystem and foster the elimination of email and Internet fraud, abuse and cybercrime; thereby enhancing trust, confidence, and the protection of businesses and consumers. Through its member companies and organization affiliates, OTA represents over one million businesses and 500 million users worldwide with regional chapters in Asia Pacific, Canada and Europe. OTA is a 501c6 IRS-approved non-profit, governed by a Board and Steering Committee including Bank of America, BoxSentry, Datran Media, Epsilon, Goodmail Systems, Iconix, Internet Identity, IronPort (a division of Cisco Systems), MarkMonitor, Message Systems, Microsoft Corporation, MX Logic, Publishers Clearing House, Return Path, Secunia, Symantec Corporation and VeriSign.

For media-related inquiries, contact:

Liz Shambaugh [email protected] 425-785-7234
