Only 30% of Top Consumer Websites Rated Trustworthy
American Greetings, Netflix, Twitter and Walmart Take Top Scores in Security and Privacy
2014 ANZ Honor Roll (November 25, 2014)
SEATTLE - CHICAGO - June 11, 2014 The Online Trust Alliance (OTA), the non-profit with the mission to enhance online trust and user empowerment while promoting innovation, announced today the results of its 2014 Online Trust Audit at the Internet Retailer Conference & Expo (IRCE). Out of nearly 800 top consumer websites evaluated, 30.2 percent made the Honor Roll, distinguishing themselves by safeguarding data via best practices in three categories: domain/brand protection, privacy and security. Conversely, a nearly 70 percent didn’t qualify for the Honor Roll with 52.7 percent failing in at least one of the three categories.
“Our 2014 Honor Roll recipients have demonstrated a commitment toward responsible management of sensitive consumer data and privacy,” said OTA Executive Director and President Craig Spiezle. “OTA commends the companies who made this list—but remains concerned about the failures of some of the world’s largest online brands.”
This comprehensive audit underscores the importance of continued monitoring of security and privacy practices and the risks of becoming complacent. As cybercrime escalates, yesterday’s practices and technologies may no longer be applicable or meet today’s regulatory or threat landscape.
"Twitter is honored to again receive the top overall award for the highest score on the OTA Honor Roll. It has become increasingly clear over the past year that companies need to be even more vigilant in applying security and encryption technologies like always-on-SSL, forward secrecy, and DMARC in order to protect their users, and we're glad to partner with organizations like the OTA to raise the security and privacy bar," said Bob Lord, Director of Information Security.
Social networking market leader Twitter topped the Honor Roll for the second consecutive year with the highest overall trustworthiness score. Of all sectors analyzed, the “Social 50”—comprised of social networking, gaming and dating websites—outpaced all others in terms of average score and percentage of companies on the Honor Roll (50 percent).
American Greetings scored best among the Internet Retailer 500, a strong testimony of its management’s commitment to collaboration and data sharing.
"Data security and respecting consumer privacy are guiding principles for American Greetings, said , executive director, interactive operations. "Trust is the foundation of our businesses and we are honored to be ranked number one among all ecommerce sites worldwide. We share OTA vision’s on the importance of collaboration, consumer choice, stewardship and self-regulation.”
The 2014 top 10 most trustworthy online retailers (11 due to a tie) are:
- American Greetings
- Christian Book Distributors
- Sony Electronics
- Big Fish
- JackThreads & Zulily
“These companies represent a broad spectrum, ranging from the fourth highest revenue earner among retailers to the 476th highest,” said Spiezle. “This validates that the Honor Roll is achievable by retailers of all sizes and that the criteria is not onerous or costly to achieve.”
The 30.2 percent success rate among all evaluated websites constitutes a drop-off from 32.2 percent in 2013. This decline is attributed in part due to more stringent security standards, as well as the addition of a new category—the top 50 news and media sites. The online media sector fared poorly in its debut, with only a 4 percent success rate and a 62 percent fail rate. Discounting the news sector, the overall percentage of Honor Roll members remained at par with with 2013 at 32.1 percent.
- Internet Retailer 500: Online merchants showed strong growth in email authentication, as 88 percent complied with recommended best practices. However, their privacy policies need improvement, as more than one-third of the sector failed in that regard.
- FDIC 100: The banking industry continues to dominate all sectors in adoption of Secure Sockets Layer (SSL), a technology that establishes an encrypted link between web servers and browsers. Nevertheless, banks suffered the highest industry failure rate—65 percent—due to inadequate email authentication support and insufficient and vague privacy policies.
- Social 50: Despite sporting the best Honor Roll success rate among industries, the social sector possessed the highest percentage of websites experiencing a data breach within the past year (18 percent).
- Federal 50: The top 50 Federal Government websites (not factored into Honor Roll due to lack of privacy data) lag in all aspects of email authentication and SSL. On the bright side, these websites are devoted adopters of DNSSEC, a technology designed to prevent hijacking of the Domain Name System. The Fed 50 boasted a 92 percent implementation rate, reflecting a White House mandate.
- News 50: Considering their collection of registration data, many news media sites are not complying with best practices or regulatory requirements. Their low scores are attributed to several issues including third-party data collection, indefinite data retention policies, and failure to encrypt their registration or login screens with SSL, leaving personal data exposed and ripe for abuse.
OTA used a combination of resources, including Alexa, comScore, the FDIC, government rankings and Internet Retailer Magazine’s Internet Retailer 500, to determine which organizations to evaluate. The complete 2014 Audit & Honor Roll report and methodology can be accessed at https://otalliance.org/HonorRoll.
The Online Trust Alliance (OTA) is a non-profit with the mission to enhance online trust and user empowerment while promoting innovation and the vitality of the Internet. Its goal is to help educate businesses, policy makers and stakeholders while developing and advancing best practices and tools to enhance the protection of users' security, privacy and identity. OTA supports collaborative public-private partnerships, benchmark reporting, and meaningful self-regulation and data stewardship. Its members and supporters include leaders spanning the public policy, technology, ecommerce, social networking, mobile, email and interactive marketing, financial, service provider, government agency and industry organization sectors.