Truste, Citing Location Privacy Worries, Expands Certification Program to the Mobile World

9/27/10Follow @wroush

San Francisco-based Truste, the former non-profit that provides privacy certification services for the websites of nearly 3,000 organizations, is expanding into the mobile arena. Starting today, builders of mobile websites and mobile applications can submit their sites and their iPhone, iPad, Android, Blackberry, Windows Mobile, Symbian, and Palm software apps for certification by Truste. If they pass, and they’re willing to pony up at least $3,000 per year, they’ll be entitled to use the familiar Truste certification seal on their sites or apps.

That could help combat consumers’ fears that purveyors of mobile apps are apt to misuse the extensive data they can gather on user behavior. “There is a lack of trust in mobile apps,” argues Chris Babel, Truste’s CEO. “Privacy issues around geolocation are causing consumers special concern. People are starting to say, ‘Hey, wait a minute, this app is sitting in my pocket all the time on a device that has GPS capability, and they can locate me to within 10 feet.’ That can get scary.”

That’s why Truste is updating its privacy requirements with new standards relating to location technology, mobile marketing and analytics, and other issues pertinent to mobile usage. For example, to win the Truste seal, a Starbucks or BestBuy store-finder app for iPhones or Android phones would be required to notify users the first time the app taps a phone’s GPS chip. Mobile apps are also required to notify users every time they pass location information to a third party—a coupon distributor, for example.

Front Page of Truste AppAt the same time, Truste is overhauling the general look and feel of its policies and forms to make consumers who access the information from mobile devices feel more at home. The organization has updated its privacy seal to be more visible on mobile interfaces, and it has created short versions of the privacy policy pages explaining things like how Truste-certified sites collect and use personal data. “We’re trying to make it all mobile-friendly,” says Babel.

A few pre-release clients have already subscribed to Truste’s mobile certification program, including Apartments.com, BreastCancer.org, GoDaddy, TigerText, Thumbspeak, the Weather Channel, WebMD, WorldMate, and Yelp.

Babel argues that the $3,000 annual cost of being certified—which comes on top of any fees clients might already be paying Truste to certify their standard websites—will repay itself in the form of increased consumer confidence. Babel says that in tests on the standard Web, e-commerce companies see an uptick in sales of between 7 and 29 percent when there is a Truste seal on every page of their site, and he expects to see the same effect carry over to the mobile world. “We are charging more, but we’re saying, ‘Here’s the value we are providing,” says Babel.

Truste, which was founded in 1997 by Electronic Frontier Foundation director Lori Fena, has always charged other organizations fees for its certification services and for the use of its privacy seal. But launching new forms of certification that carry additional charges may be a higher priority for the organization today than in the past.

In July 2008, Truste became a for-profit entity and raised an undisclosed amount of venture funding from Accel Partners, which was also a major investor in eBay and Facebook. Late last year it brought on Babel, the former manager of Verisign’s global SSL and Identity Authentication business (since sold to Symantec), who said at the time that Truste was “poised to achieve a new level of growth.” And this June the organization raised an additional $12 million in venture funding in a round led by new investor Jafco Ventures. Babel says the company has put much of the money into new automated scanning software that continually challenges clients’ websites and mobile apps for privacy lapses.

Mobile-centric companies weren’t being adequately served by Truste’s previous Web-focused services, Babel says. “A lot of customers will come in and look at the Web certification and now they will be able to get a mobile certification as well, scoring their mobile site as well as any apps they’ve created,” he says. “Additionally, if you are collecting data in the EU and you need Safe Harbor [a U.S. Department of Commerce program that helps companies comply with stricter privacy controls in Europe], we have an additional box you can check, as well as COPPA [the Children's Online Privacy Protection Act of 1998] if you are marketing to children under 13. We try to lead with the product that meets your needs. If you are just a mobile company, it will be just the mobile one. We want to make sure you are completely covered.”

I put it to Babel that $3,000 a year for privacy certification might be a lot to ask of a small mobile-app development startup. He pointed out that in addition to big brands like Yelp, the Weather Channel, and GoDaddy, the new mobile program already has small clients like TigerText, which lets users send self-destructing text messages, and Whereoscope, a location-based app builder (which I happened to profile last week). “You might think $3,000 is expensive. For a lot of them the question is how to get their app downloaded and used, so you can think of it as cheap marketing. A lot of these guys look at it and say, ‘The extra downloads and conversions are really very valuable.’”

Wade Roush is a contributing editor at Xconomy. Follow @wroush

By posting a comment, you agree to our terms and conditions.