title for Trustmarks profile
home | about | site use | resources | publications | timeline   spacer graphic   blaw
overview

the industry

inventory

studies



















related pages icon
related
Guides:

Privacy

Consumers

Security &
InfoCrime

Governance

Economy




related pages icon
related
Profiles:

Trademarks

Online ADR

Auctions

Indigenous
Authenticity
labels







section heading icon     overview

 This profile considers online privacy seals and other trustmarks, discussed in our Privacy and Consumers guides.

It covers -

The following pages provide comments about the evolution of the trustmark industry and an indicative inventory of major online trustmarks, past and present.

subsection heading icon     marks in space

Who can you trust in cyberspace, where the facade presented by deft software does not necessarily equate to good performance, where many consumers feel that they are unequipped to use tools such as P3P or PICS and where the borderless nature of the net (or merely its newness) has encouraged bad practice by entrepreneurs or malicious individuals?

The discussion, in our Consumers guide, of trust suggests that businesses, governments, consumer advocacy organisations and individuals have some interest in online trustmarks. At its simplest, an online mark (sometimes characterised as a seal) is an indicator that the site operator has agreed to be bound by a code of practice. The mark is an advisory, rather than a guarantee of performance, since the binding is often weak and certification problematic.

The marks are issued by industry associations and consumer bodies (generally on a less-than-cost or cost recovery basis) or by commercial entities whose raison d'etre is to generate profits through conduct of a trustmark program and ancillary services such as legal compliance audits and training.

Given different jurisdictions with different markets, perceived needs and start-up funding there are a range of marks in Australia and elsewhere. There is no global standard for online trustmark schemes or for automated validation of marks.

Some are purely local. Others, such as the ICRA content label, are found across the world. Some have a narrow focus, for example on privacy or items sold via eBay. Others attempt to serve as an indication of business good practice (for example covering data collection, handling of disputes, fulfillment of commercial transactions) and may be tied to an alternative dispute resolution scheme offered by an industry association or commercial dispute resolution service.

Varying levels of enforcement mean that some marks, at best, are statements of aspiration whereas others are perceived to be more meaningful because the issuer has the resources - and will - to effectively police the mark.

Ernst & Young - perhaps playing catch-up with competitor and trustmark scheme operator KPMG - looked on the bright side in its 2001 E-Security & Privacy paper, claiming that

While there may be some enforcement, jurisdictional and perception hurdles to overcome, with full e-commerce assurance from independent, reputable organisations, web seals can ensure privacy policies are followed, aid market differentiation, build and support brand strength, support dispute resolution and offer indemnification and regulatory compliance.

subsection heading icon     responses

Responses to online marks - and particular seals - have been mixed.

Some observers, for example, have criticised the process through which mark are acquired, in particular schemes based on self-assessment. Critics argue that self-assessment is inherently open to abuse by the unscrupulous or merely incompetent.

Some note the poor performance of certifying bodies, including prominent seal issuers such as TRUSTe, characterised by critics as slow to respond to consumer concerns about abuses or lacking the resources to monitor compliance with their rules and ensure that the trustmark is removed from a site that breaches those rules. One example is Natalie Regoli's 2002 Indecent Exposures in an Electronic Regime paper (PDF).

Others question whether commercial trustmark schemes necessarily involve a conflict of interest or simply doubt a business model that requires significant investment for building a national/global brand and then maintaining it through ongoing promotion, compliance checks and litigation against entities that abuse the particular mark.

Still others note the plethora of competing trustmark bodies, ranging from those restricted to a particular jurisdiction to those with global ambitions, a presence in all major markets and compliance infrastructure to match.

That proliferation is an issue because it inhibits recognition (and thereby the value) of particular marks. If you can't tell whether a mark is "for real" will you as a consumer trust it or respect the site that features the mark? Will it make commercial sense for you as a site operator to badge your site with a mark (or marks), particularly if badging involves a fee or compliance requirements?

Questions of transparency and activity are of particular importance, since ultimately end-users must trust the trustmark.

Few trustmark scheme operators provide statistics regarding the removal of marks from sites. Many provide raw figures about the number of seals issued or the number of disputes dealt with. However, for both specialists and consumers it is difficult to determine the effectiveness of a particular scheme. Is scheme x biased? Are disputes (and dispute resolutions) meaningful? How many of the marks, once issued, are still active?

subsection heading icon     trusting the mark

A recurrent response by consumers (and by site operators) is that they are either not aware of particular marks or question their effectiveness.

In essence, many people do not trust marks and instead rely on an assessment (informed or otherwise) of a site, recognition of an offline/online brand and decisions about what is at stake.

Users of online trustmarks must

  • recognise the mark
  • perceive that the mark has value
  • understand what it means
  • believe that the site operator will comply with obligations regarding that mark
  • believe that the entity that issued the mark to the operator will act quickly, vigorously, equitably and effectively to address actual/alleged breaches of its rules, implicitly to serve consumers rather than an individual site and thereby ensure the mark's legitimacy
  • hope that there will be action by other consumers or by government regulators if the mark issuer (or mark bearer) does not live up to commitments regarding the mark
  • assume that the mark is current, rather than a relic from defunct trustmark schemes
  • assume that the site operator is entitled to the mark (eg not making fraudulent use of the ICRA mark on an adult content site).

Perceptions play a major role in trust. Perceptions that mark issuers have been slow to act, have tacitly ignored substantive breaches or have provided site operators with inappropriate wriggle-room (eg redefined the problem) accordingly mean that building trust in marks is difficult.

In discussing privacy we've noted the sobering conclusion in Robert LaRose & Nora Rifon's 2003 paper Your Privacy is Assured - Of Being Invaded: Web Sites With & Without Privacy Seals that

It is perhaps ironic that the Web sites that seek to publicize their concern for consumer privacy by displaying privacy seals were actually more likely to intrude on privacy, at least in terms of the amount of personal information that they requested from consumers. And, aside from a greater tendency to deposit cookies, the unsealed sites were no more likely to invade users’ physical privacy through involuntary intrusions on their computers.  Naïve consumers who view seals as a form of privacy protection may thus be disappointed.

The study conducted by those authors also asks

How effective were the seal authorities in encouraging compliance with FTC guidelines for notice, choice, access, and security? BBBOnLine sites were more likely to make assurances about secure transmission of information than TRUSTe sites. However, compliance with the guidelines was somewhat less than perfect in all key aspects. For example, while almost all of the seal program participants provided notice of the types of information collected, about an eighth did not reveal how information is collected, offer to correct errors, or maintain a complaint procedure. And, while most sealed (but also unsealed) sites informed consumers of their choices, many did not really offer any choice other than leaving the site or foregoing service.

A 2000 study of the US CPA WebTrust seal by Kris Portz, Joel Strong, Bruce Busta & Ken Schneider noted that

Subjects were asked how much protection against fraudulent business practices the WebTrust seal provides or implies. Fifty-nine percent correctly indicated that “WebTrust helps to minimize the possibility of fraud,” while 22% incorrectly indicated that “customers are absolutely protected against fraud.”

This result is cause for concern. If 22% of consumers believe that WebTrust absolutely protects against fraud, CPAs could be exposed to legal action. The disparity between a consumer’s perception of the assurances and what the assurances actually are creates an expectation gap. Accountants have a long, painful history of dealing with the expectation gap, and the presence of one regarding the WebTrust program must be carefully examined and every effort made to mitigate it.

Joseph Turow's 2003 Americans & Online Privacy: The System is Broken study (PDF), highlighted in our discussion of privacy statements, noted similar consumer misinterpretation of 'signals' from site operators. It claimed that 57% of US adults who use the internet at home incorrectly believe that when a site has a privacy policy, it will not share their personal information with other sites or entities.

Turow's consumers valued their privacy: when "presented with a common version of the way sites track, extract, and share information to make money from advertising, 85% of adults who go online at home did not agree to accept it on even a valued site".

However, 64% of the online adults say they have never searched for information about how to protect their information on the web; 40% say that they know "almost nothing" about stopping sites from collecting data, 26% know "a little" and only 9% (immodest or otherwise) report knowing "a lot".

That raises questions about proposals to address trustmark problems by printing official guides to web seals.

subsection heading icon     lessons from offline marks?

Misinterpretation, distrust of or simply non-recognition of online trustmarks is consistent with experience offline.

That is evident in studies such as Beltramini & Stafford's 1993 'Comprehension & Perceived Believability of Seals of Approval Information in Advertising' (in Journal of Advertising, XXII), Kamins & Marks 1991 'The Perception of Kosher as a Third Party Certification Claim in Advertising for Familiar and Unfamiliar Brands' (in Journal of the Academy of Marketing Science, 19, no 3) and Parkinson's 1975 'The Role of Seals and Certifications of Approval in Consumer Decision Making' (in Journal of Consumer Affairs, 9).

subsection heading icon     AVS

Age Verification Services (AVS) - aka Adult Verification Services - are sometimes confused with trustmarks. They are discussed here and in the broader discussions elsewhere on this site regarding the Adult Content industry and Censorship & Free Speech.





icon for link to next page    next page  (the trustmark industry)




this site
the web

Google

 

version of June 2007
© Bruce Arnold
caslon.com.au | caslon analytics