Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/21/2009
02:42 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Online Trust Alliance Issues Draft Principles For Online Trust

Principles help establish business practices that provide consumer, e-commerce, online marketing protection

Seattle WA " May 20, 2009 " Today the Online Trust Alliance (OTA) released its 2009 draft Online Trust Principles for public comment. The Principles are a major step toward establishing business practices that afford greater consumer online protection and the long term vitality of online commence and interactive marketing.

After a 30-day comment period and subsequent ratification, OTA will work with business and regulatory agencies to drive adoption " focusing on leading ecommerce and banking sites that are stewards of significant amounts of consumer data and, therefore, at risk as frequent targets of online exploits. Those brands which show the highest level of support will be recognized and be eligible for OTA's annual online safety awards.

"Implementation of these Principles is not only achievable but required to ensure consumers' peace of mind and protect the online economy from abuse," said OTA Founder and Chairman Craig Spiezle. "We look forward to our continuing work with the world's leading brands and organizations to help them realize a new level of trust with their customers."

The Online Trust Principles are broken down into three categories: 1) Infrastructure, protection of servers, web sites, desktops and mobile devices 2) Data, that includes both sensitive and Personally Identifiable Information (PII) 3) User Control, Choice and Privacy

Taken together, these Principles will help prevent, detect and remediate threats and business practices that can compromise consumers' online trust and confidence, including their identity and privacy. Copies of the draft Principles may be found at https://www.otalliance.org/resources/principles.html.

"Publishers Clearing House is proud to work with OTA on this critical and timely mission. It is our belief that marketers and brands should be working closely with industry associations in order to develop a comprehensive plan aimed at protecting our consumers and the online community," said Andy Goldberg, Publishers Clearing House President and CEO. "Consumer trust and confidence in the online ecosystem is a critical component for the success of the Publishers Clearing House online network."

OTA's position is that adherence to these Principles should be mandatory for all companies engaged in ecommerce and online banking. They are consistent with FTC and European mandates and guidelines that stipulate businesses apply "reasonable security" in protecting sensitive personal information. These Principles exemplify industry and government collaboration and demonstrate a shared commitment to self-regulation and accountability in order to help provide consumer choice and protection.

As part of its international charter, OTA will be hosting a Town Hall discussion on the Online Trust Principles in Copenhagen on Thursday June 4th and in Amsterdam on Monday June 8th. Supported in part by European Steering Committee member Secunia, and the Dutch Email Marketing Associations, these events will be an opportunity for all parties to participate in this important dialogue. Subsequent town halls are being planned for Singapore and Australia. Details are posted at https://www.otalliance.org/events/index.html

Companies and individuals should submit their comments for the Online Trust Principles on their company letterhead to [email protected] Unless requested not to, OTA may at its sole discretion, make all submissions public.

About The Online Trust Alliance (OTA) https://otalliance.org/ The mission of OTA is to create a trusted global online ecosystem and foster the elimination of email and Internet fraud, abuse and cybercrime; thereby enhancing trust, confidence, and the protection of businesses and consumers. Through its member companies and organization affiliates, OTA represents over one million businesses and 500 million users worldwide with regional chapters in Asia Pacific, Canada and Europe. OTA is a 501c6 IRS-approved non-profit, governed by a Board and Steering Committee including Bank of America, BoxSentry, Datran Media, Epsilon, Goodmail Systems, Iconix, Internet Identity, IronPort (a division of Cisco Systems), MarkMonitor, Message Systems, Microsoft Corporation, MX Logic, Publishers Clearing House, Return Path, Secunia, Symantec Corporation and VeriSign.

For media-related inquiries, contact:

Liz Shambaugh [email protected] 425-785-7234

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
4 Security Tips as the July 15 Tax-Day Extension Draws Near
Shane Buckley, President & Chief Operating Officer, Gigamon,  7/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15105
PUBLISHED: 2020-07-10
Django Two-Factor Authentication before 1.12, stores the user's password in clear text in the user session (base64-encoded). The password is stored in the session when the user submits their username and password, and is removed once they complete authentication by entering a two-factor authenticati...
CVE-2020-11061
PUBLISHED: 2020-07-10
In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in...
CVE-2020-4042
PUBLISHED: 2020-07-10
Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge to...
CVE-2020-11081
PUBLISHED: 2020-07-10
osquery before version 4.4.0 enables a priviledge escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables l...
CVE-2020-6114
PUBLISHED: 2020-07-10
An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceHRM v26.6.0.OS (Commit bb274de1751ffb9d09482fd2538f9950a94c510a) . A specially crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerabi...