When it comes to safety on the web, consumers distrust a full 70% of websites to safeguard their privacy and data security. But according to the Online Trust Alliance (OTA), some are doing a good job: notably Twitter, which once again headlines the “Honor Roll” of the web’s most trustworthy sites.
The OTA’s 2014 Online Trust Audit has found that out of nearly 800 top consumer websites evaluated, only 30.2% made the Honor Roll, distinguishing themselves by safeguarding data via best practices in three categories: domain/brand protection, privacy and security. But about half (52.7%) failed in at least one of the three categories. The results varied by category, with news sites coming in dead last.
“Our 2014 Honor Roll recipients have demonstrated a commitment toward responsible management of sensitive consumer data and privacy,” said OTA executive director and president Craig Spiezle, in a statement. “OTA commends the companies who made this list—but remains concerned about the failures of some of the world’s largest online brands.”
Social networking market leader Twitter topped the Honor Roll for the second consecutive year with the highest overall trustworthiness score.
"Twitter is honored to again receive the top overall award for the highest score on the OTA Honor Roll. It has become increasingly clear over the past year that companies need to be even more vigilant in applying security and encryption technologies like always-on-SSL, forward secrecy, and DMARC in order to protect their users, and we're glad to partner with organizations like the OTA to raise the security and privacy bar," said Bob Lord, director of information security at Twitter.
Of all sectors analyzed, the “Social 50” – comprising social networking, gaming and dating websites – outpaced all others in terms of average score and percentage of companies on the Honor Roll (50%). But, it also possessed the highest percentage of websites experiencing a data breach within the past year (18%).
American Greetings scored best among the Internet Retailer 500, a strong testimony of its management’s commitment to collaboration and data sharing. Netflix followed in second place, and then Christian Book Distributors, Sony Electronics and Ancestry.com rounded out the top five.
“These companies represent a broad spectrum, ranging from the fourth highest revenue earner among retailers to the 476th highest,” said Spiezle. “This validates that the Honor Roll is achievable by retailers of all sizes and that the criteria is not onerous or costly to achieve.”
Online merchants in general showed strong growth in email authentication, as 88% complied with recommended best practices. However, their privacy policies need improvement, as more than one-third of the sector failed in that regard.
FDIC 100: The banking industry continues to dominate all sectors in adoption of Secure Sockets Layer (SSL), a technology that establishes an encrypted link between web servers and browsers. Nevertheless, banks suffered the highest industry failure rate (65%) due to inadequate email authentication support and insufficient and vague privacy policies.
Meanwhile, the top 50 Federal Government websites (not factored into Honor Roll due to lack of privacy data) lag in all aspects of email authentication and SSL. On the bright side, these websites are devoted adopters of DNSSEC, a technology designed to prevent hijacking of the Domain Name System. The Fed 50 boasted a 92% implementation rate, reflecting a White House mandate.
News 50: Considering their collection of registration data, many news media sites are not complying with best practices or regulatory requirements. The low scores are attributed to several issues, including third-party data collection, indefinite data retention policies, and failure to encrypt their registration or login screens with SSL, leaving personal data exposed and ripe for abuse.
To put that in perspective, the 30.2% success rate among all evaluated websites actually constitutes a drop-off from 32.2% in 2013. But discounting the news sector, the overall percentage of Honor Roll members remained at par with 2013, at 32.1%.