TRUSTe Welcomes Privacy Expert Ray Everett and Customer Operations Leader Elizabeth Blass

TRUSTe today announced the appointment of privacy expert Ray Everett CIPP/US as Director of Product for Compliance Solutions and Elizabeth Blass as Vice President for Client Services.

Everett has significant experience in the privacy industry gained from working in the sector for the past 15 years. He was one of the first US corporate privacy officers, an original founding board member of IAPP.  Most recently, Everett managed global advertising and search privacy issue for Yahoo, and served as general manager for the privacy monitoring business at Keynote Systems.

Blass has developed a passion for excellence in customer operations and brings her leadership expertise to TRUSTe, where she will lead a team of more than 30 global privacy consultants and analysts.  Most recently, she was the Senior Director of Co-Location Customer Service Operations at CME Group and, prior to that, was the Regional Senior Vice President at Verizon Business.

These appointments will further help TRUSTe support growth in demand for comprehensive privacy solutions from enterprise clients and we’re delighted to have them on board.


TRUSTe Doubles Mobile Ad Partner Base

Today, TRUSTe announced that the global adoption of TRUSTed Ads has expanded with its mobile advertising partner base having more than doubled within the last year to include 33 leading mobile ad partners. Since it was first to market in 2012, TRUSTed Ads has powered billions of privacy safe mobile ads to help our clients deliver innovative advertising campaigns and build trust with their target audience while adhering to industry-leading standards of privacy in the U.S. and Europe.

TRUSTed Ads is a comprehensive mobile advertising privacy solution for both mobile web and mobile apps, which adheres to the DAA Mobile Guidelines and the EU Self Regulatory Program for OBA and offers consumers transparency and choice.  TRUSTed Ads includes an easy-to-use preference management system accessible through the AdChoices icon that enables consumers to manage their personal privacy settings across mobile devices and websites, as well as a mobile app SDK for iOS and Android.

“Our market-leading mobile advertising privacy solution TRUSTed Ads, has proved to be ahead of the game in anticipating self-regulatory guidelines and delivering mobile privacy best practices making it a clear choice for forward-thinking ad networks such as Millennial Media, StrikeAd and byyd.” Rich Qiu, Vice President Business Development, Mobile at TRUSTe

Mobile continues to be the fastest growing online advertising industry and advertisers, publishers and networks are eager to increase their mobile ads volume and performance. Behavioral advertising is a proven strategy to improve performance, but it also raises increased privacy concerns with consumers and regulators. TRUSTed Ads enables all players in the mobile ecosystem to build trust with consumers and meet regulatory and industry compliance requirements – powering privacy safe advertising and helping to drive innovations.

Before Millennial Media continued the global roll out of its Mobile Audience Solutions (MAS) behavioural targeting solution in the UK in January 2013, it wanted to be certain that it continued to be a leader in offering products that reflect industry best practices when it comes to mobile privacy. Read the case study online for the further details.

“We process massive amounts of data to provide comprehensive advertising solutions, making it vital that we build trust for the advertising community by giving consumers control to engage in an increasingly mobile world. With global compatibility, TRUSTed Ads also supports our customers’ worldwide mobile marketing objectives by adhering to industry-leading standards of privacy in the U.S. as well as internationally.” Ho Shin, General Counsel and Chief Privacy Officer, Millennial Media

To learn more about TRUSTed Ads, please visit http://www.truste.com/ads



DAA Releases Technical Guidelines for Implementing AdChoices Icon in Mobile

Joanne Furtsch
Director of Product Policy

Helen Huang
Product Manager

This week, the Digital Advertising Alliance (DAA) announced the first version of its DAA Ad Marker Guidelines for Mobile on how to comply with the enhanced notice requirements of the DAA Mobile Principles – The Application of Self-Regulatory Principles to the Mobile Environment. TRUSTe played an active role in drafting the guidelines, working with other companies involved with the DAA Mobile Technical Working Group, and is attributed as an author. We shared insights from real-time experience from running the TRUSTe implementation of the solution to our clients.  

The Ad Marker Guidelines provide guidance to app developers, mobile web publishers, and third party ad networks on how to implement the AdChoices icon (Ad Marker) in both the mobile application and web environments. 

Key highlights from the guidelines include:

  • Ad Marker (the DAA AdChoices icon) must include an invisible touchpad area of between 20×20 and 40×40 to enable consumers to easily press the icon, access the enhanced notice, and exercise a preference.
  • Non-prescriptive corner default for the in-ad display of the Ad Marker. It is noted that companies will need to pay attention to any close event that is prescribed to be on the top right corner such as in a video ad.  Guidance around close events can be found in the IAB MRAID and Video guidelines.
  • In-Ad experience options providing companies multiple options around the consumer experience when the consumer interacts with the AdChoices icon that include: 1) Opening of an interstitial allowing the consumer the choice to return to the ad in the case of mistakenly pressing on the icon or accessing a preference mechanism; 2) Expansion of the icon to display full AdChoices text; or 3) Taking the consumer directly to a preference mechanism or instructions for device specific controls
  • App Developer implementation guidance illustrating how the Ad Marker should be included in an app’s Settings menu.

This first release of the guidelines is a big step towards ensuring consistency and standardization of the consumer experience when interacting with the AdChoices icon in both the desktop and mobile environments. At the same time, the guidelines address issues specific to the mobile environment to enable consumers to easily access and interact with the AdChoices icon and exercise their preference.

Stay tuned for news on our mobile ad privacy solution, TRUSTed Ads, tomorrow.


April Monthly Spotlight

 - April 3

Advertising Week Europe

TRUSTe is hosting a private dinner with TRUSTe including Rich Qiu, VP of Business Development, Mobile and Ken Parnham, Managing Director of Europe. For more details, please contact Eleanor Treharne-Jones – eleanor@truste.com

- April 15
Privacy Innovation Forum
San Francisco

TRUSTe is hosting an exclusive invitation-only event bringing together industry leaders and decision makers to discuss how privacy and compliance are becoming inter-connected and the use of GRC (Governance, Risk, and Compliance) tools to address enterprise privacy and compliance challenges. For more information, please contact Helen Dunavetsky at helend@truste.com

- April 29
IAPP Drinks

Join TRUSTe on the eve of the IAPP Data Protection Intensive for canapes and cocktails at the Malmaison London. A great way to catch up with fellow privacy colleagues in London in the luxurious setting of the newly created Mal Lounge at the Malmaison. Register to attend here.

-  April 30 – May 1
IAPP Europe Data Protection Intensive

Stop by the TRUSTe booth at the annual IAPP Europe Data Protection Intensive Summit to hear the latest insights in data protection as well as learn how TRUSTe’s data privacy management platform can help your business address these issues today. Register here.


TRUSTe Unveils TRUSTed Interests – Puts Consumers in Control of Their Digital Experience

Ahead of ad:tech SF this week, TRUSTe launched TRUSTed Interests – the first privacy-friendly interests management solution which puts consumers in control of their ad experience. Today, consumers feel inundated with irrelevant advertising and are concerned about their activity being tracked online. But, it’s also not easy for consumers to consumers to navigate how to share their interests with the ad ecosystem in a simple manner.

TRUSTed Interests is an extension to the TRUSTe Data Privacy Management Platform which enables consumers to share and manage details of their interests across mobile and desktop devices. This has the potential to revolutionize the ad industry, addressing consumer and regulatory privacy concerns while putting consumers in control over their advertising experience and enabling advertisers to deliver more relevant ads.

“The promise of delivering custom-tailored advertising messages across devices is why advertisers work with us, and this innovative solution will bring added value to our clients’ campaigns. By delivering ads targeted towards known consumer interests, our whole industry will benefit.” – Eric Rosenblum, COO, Drawbridge

The TRUSTe Privacy Index, Advertising Edition Consumer Interests highlights findings from research conducted by Ipsos MORI which show that while 82% of consumers are concerned about the type of personal information collected through their web-browsing history, 39% of consumers are willing to share details of specific products and services they are interested in with advertisers in exchange for a more relevant ad experience. Additionally, field tests of TRUSTed Interests revealed 9 out of 10 consumers chose to share details of their interests instead of opting-out of online behavioral advertising.

“With TRUSTed Interests, we have witnessed high consumer engagement with setting interests, especially on mobile devices. Most important, the fact that half of these consumers selected multiple interests provides even more valuable information that will help our clients deliver more relevant ads to their audiences.” – Bob Walczak, General Manager of Mobile and Video at PubMatic

The initial implementations of TRUSTed Interests focus on creating a better consumer advertising experience to benefit the entire ad ecosystem through the delivery of privacy-friendly, relevant ads. To learn more about this first privacy-friendly interests management solution, visit http://www.truste.com/interests.


Lynda.com and Yodlee are the latest companies to partner with TRUSTe to receive APEC Certification

Lynda.com and Yodlee are the two latest companies to receive certification that they are in compliance with the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules following on from IBM and Merck last year. TRUSTe, the first Accountability Agent for APEC’s privacy framework, worked closely with both companies to ensure their data collection practices were in compliance with the CBPR system. TRUSTe will monitor ongoing compliance and deliver consultative services throughout the partnership.

Commenting in a press release today on their APEC Certification, David Glaubke, Director of Corporate Communications at lynda.com, said:

“Lynda.com is committed to protecting the privacy of our users, and the APEC Privacy certification helps protect the exchange of personal information across borders, which is vital to our business. As we continue to grow in different regions throughout the world, we want to continue to build trust with our users, address concerns about privacy and be transparent about our data privacy practices.”

Brian Costello, Vice President, Information Security at Yodlee added:

“The APEC Certification of our privacy data handling is a key factor in our conversations and engagements with potential clients in the member countries.”

This news follows the announcement last Thursday by the FTC, together with agency officials from the European Union and APEC economies, with the ultimate goal of helping businesses transfer data around the world in a safe way in compliance with global privacy frameworks.

The EU-APEC Referential maps together the requirements for APEC Cross Border Privacy Rules (CBPRs) and EU Binding Corporate Rules (BCRs). The document, jointly designed by APEC officials and the EU’s Article 29 Data Protection Working Party, is designed to be a practical reference tool for companies that seek “double certification” under these APEC and EU systems, and shows the substantial overlap between the two.

Chris Babel CEO TRUSTe welcomed the launch of the EU-APEC Referential as an important step towards global inter-operability of data privacy frameworks announcements saying:

“Through our work with Promontory providing BCR solutions and as the Accountability Agent for APEC in the US, we understand the practical challenges that these differing privacy frameworks create for companies looking to act responsibly in their use of customer data. We welcome the announcement made by EU agencies and APEC economies last week which will make it easier for companies to demonstrate global compliance under international standards and is an exciting step towards further interoperability of privacy frameworks worldwide.”

In order to help companies better understand the new EU-APEC Referential, and how they can achieve global privacy compliance via the APEC and BCR Frameworks, TRUSTe is hosting a webinar on March 25 with Josh Harris, Policy Director at the Future of Privacy Forum, Simon McDougall from Promontory and Saira Nayak, Policy Director at TRUSTe.

Register for the webinar here

Find out about the TRUSTe APEC Privacy program here

Find out about the TRUSTe Promontory BCR Management Program here


European Parliament declares EU data protection reform irreversible after vote

© European Union 2014 - European Parliament

Yesterday, the European Parliament gave its backing to the European Commission’s data protection reform ahead of European elections in May, with 621 votes in favour, 10 against and 22 abstentions for the proposed Regulation. This vote means the position of the Parliament is now set in stone and will not change even if the composition of the Parliament changes following the elections.

For those struggling to keep track of exactly what stage the reform has reached, there is now just one final hurdle the proposed Regulation needs to clear to be become law –adoption by the Council of Ministers using the “ordinary legislative procedure” (co-decision).

In a press release, the European Parliament said it “stands ready to negotiate with the Council of the EU as soon as the Council defines its position”. Last Tuesday (4 March 2014) Justice Ministers in the Council met to discuss this issue amongst others and their next meeting on the data protection reform will take place in June 2014.

It has been a long and drawn out process since 25th January 2012 when the Commission first proposed a comprehensive reform of the EU’s 1995 data protection rules to strengthen online data protection rights and boost Europe’s digital economy (see IP/12/46). There have been many delays and over 3000 amendments, however there appears to be no lack of momentum at this stage and businesses in the EU and the US should continue to pay close attention to the debate and the potential consequences for their business.

TRUSTe Policy Director Saira Nayak shared her thoughts on the EU Data Protection reform in a blog after the LIBE Committee vote last October in which she listed the key highlights of the LIBE proposals:

  • Data transfers to non-EU countries – these could only happened if approved by the national data protection authority of the EU member country in question. If approved, it is unclear whether the EU Safe Harbor agreement will still be valid for EU-US data protection transfers.
  • Explicit consent for all processing of personal data.  Explicit consent is defined as the “freely given, specific, informed and explicit indication” of a user’s wishes, either by a statement or a clear affirmative action.
  • A Right to Erasure – a right to have personal data erased if requested by the user.
  • Profiling – Profiling includes analyzing a user’s online behavior for the purposes or marketing and advertising.  The LIBE proposals restricted profiling based on personal data, but exempts profiling based on “pseudonymous data” (which is defined as “personal data that cannot be attributed to a specific data subject without the use of additional information.”)
  • Sanctions – For data protection violations, the LIBE Committee proposed 5% of annual turnover or $100 million euros whichever is greater.

At TRUSTe we will closely follow all of these important developments in the EU, and offer privacy solutions to businesses looking to stay ahead of the proposed changes


New Guidelines Released To Help Businesses Comply with Changes To Australia’s Privacy Laws

March 12 will see the biggest change in Australian privacy law in 25 years with the introduction of the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Privacy Amendment Act). In order to help businesses comply with the changes, the Office of the Australian Information Commissioner (OAIC), published new guidelines on February 21.

In this blog, we outline some of the key changes and the resources available ahead of the changes on March 12.

The Australian Privacy Amendment Act

The Privacy Amendment Act includes a set of new, harmonized, privacy principles that will regulate the handling of personal information by both Australian government agencies and businesses. These 13 new principles are called the Australian Privacy Principles (APPs). They will replace the existing Information Privacy Principles (IPPs) that currently apply to Australian Government agencies and the National Privacy Principles (NPPs) that currently apply to businesses.

What do these changes mean for Australian consumers and business?

Under the new laws from March 12, 2014, it will be easier for Australians to:

  • find out if their personal information will be sent overseas
  • request access to their personal information held by an organization or agency
  • request a correction to their personal information held by an organization or agency
  • access an organization or agency’s Privacy Policy for more information about how that entity manages personal information.

Businesses will also be impacted by these changes, which will include enhanced powers for the Privacy Commissioner Timothy Pilgrim, who oversees privacy at OAIC (the Commission also regulates government access and information policy). Under the new law, the Privacy Commissioner and OAIC are able to:

  • enforce the new requirements against companies doing business located in Australia or with a link to Australia
  • seek civil penalties in the case of serious or repeated breaches of the Act’s requirements
  • conduct assessments of privacy performance for both Australian government agencies and businesses

How can you tell if you’re compliant?

On February 21, the Office of the Australian Information Commissioner (OAIC) released Australian Privacy Principles (APP) guidelines to provide a resource for all those who will be subject to the new APPs from March 12, 2014 to assess whether they are compliant.

The APP guidelines outline the mandatory requirements of the APPs, how the OAIC will interpret the APPs, and matters they may take into account when exercising functions and powers under the Privacy Act. The APP guidelines give many examples of how the APPs may apply in particular circumstances and contain suggestions for good privacy practice.

In addition to publishing the APP Guidelines, the OAIC has also said it is producing a practical tool that organizations can use to review their privacy policy which will be ready in March.

Additional Resources

If you want to find out more:

Older posts «