TrustArc Blog

Watchdog Sniffs Out Unwanted Invites

February 06, 2009

Here at TRUSTe, we’re constantly fielding questions and complaints from customers of the sites we certify, and most recently there was an issue with, a site intended to help former classmates stay in touch. While the site’s premise is good, they do run into some privacy issues from time-to-time. That’s why we’re here.

Recently we were contacted by Steve Alexander of the Minneapolis Star Tribune who had received a complaint from a consumer who had unknowingly sent reunion invitations to a number of estranged classmates and colleagues via The consumer told Steve that had not responded to her complaints so he contacted us on her behalf. is a TRUSTe sealholder and a part of our Watchdog program.

We let Steve in on the consumer complaint process. Because is a member of our Watchdog Program, and therefore a site we monitor regularly, we responded immediately to the complaint by notifying of the issue and then reviewing the website ourselves to determine how the incident may have occurred. The website has a feature that allows you to upload all of your contacts from an email account, check who is already on the system and invite those who are not. states on the site that all contacts from the registered email account are “auto” emailed, using the name and address of the user. The site offers a link to view a sample. TRUSTe rechecked the site after the complaint to make sure these were still in place. In order to do this however, someone must physically enter the email account and password so in this case either the consumer did not understand that she was giving the site permission to access her entire email address book or someone impersonating her entered the information. Either way, promptly deleted the consumer’s data as requested, and apologized to the consumer for the any confusion the feature may have caused.

Satisfied with our explanation of how this incident occurred Steve posted his conversation with this consumer on his Q & A column in the Minneapolis Star Tribune. Reiterating what we believed to have happened, Steve also suggested that his reader change her AOL login and password to better protect herself from something like this happening again. In an era where data privacy is more important than ever, it’s something for all consumers to keep in mind.