Compliance organization TRUSTe has finalized a settlement requiring it to pay $200,000 for allegedly
misrepresenting its practices, the Federal Trade Commission said on Wednesday.
The settlement stems from allegations that TRUSTe (which stands for True Ultimate Standards Everywhere) didn't
conduct around 1,000 annual re-certifications between 2006 and 2013.
The FTC also alleged that TRUSTe re-certified clients who described the organization on their sites as a nonprofit -- even
though the compliance vendor became a for-profit corporation six years ago.
TRUSTe -- which is authorized to offer a self-regulatory “safe harbor” program that protects companies
from enforcement actions under the Children's Online Privacy Protection Act -- also will file 10 years' worth of annual COPPA reports.
Late last year, a coalition of advocacy groups argued
that the settlement terms weren't stringent enough. The watchdogs -- including the Center for Digital Democracy and Consumer Federation of America -- said the $200,000 fine was “far too low to
deter future violations.” They also said that TRUSTe should file detailed reports for the next 20 years, and that the FTC should publicly post all of the company's reports regarding its
children's privacy self-regulatory program.
The FTC rejected both of those requests. The organization said in a letter to the organizations that $200,000 “reflects a significant portion of the monies that TRUSTe received
from its business clients for the annual reviews that it failed to conduct, despite representations to consumers that it recertified sealholders annually.”
The agency also noted that
most of TRUSTe's failure to re-certify companies “involved seal programs unrelated to COPPA.”
TRUSTe CEO Chris Babel said last year in a blog post that the clients who weren't reviewed annually had entered into “multiyear agreements” with TRUSTe and, for the most
part, were re-certified every two years.