Open Standards and Privacy

Privacy is clearly something that affects the whole ecosystem of users on the web. Any implementation of privacy must take into consideration important trade-offs between business models and end user rights to transparency and choice. As such, standards play an important role in any consideration of a privacy system for the web and mobile web.

TRUSTe has long participated within a number of policy-based industry groups. Recently, TRUSTe has joined two technical standards groups that are actively working on defining concepts that can be applied to important privacy systems at the infrastructure and architectural level.  This post provides a quick overview of each group.


TRUSTe had joined OASIS due to the leadership in starting to address the difficult issue of operationalizing privacy. We understand this very well through our rich history with our customers, some of which are some of the largest most complex data-centric organizations in the world.

OASIS features a technical committee called the Privacy Management Reference Model (PMRM) whose charter explains the goals of the group quite well.

As part of that program, I had the opportunity to discuss my views on how open standards, and particularly OASIS fit in at TRUSTe.  You can see the video at http://www.youtube.com/oasisopen#p/u/3/E0gEsvyWEyk.

Additionally, we are thankful for OASIS’ Executive Director Laurent Liscia’s recognition of TRUSTe’s involvement:

“As a Sponsor of OASIS, TRUSTe demonstrates genuine commitment to open standards and interoperability. TRUSTe plays a major role in operationalizing privacy through its contributions to the OASIS Privacy Management Reference Model (PMRM) Technical Committee. We value the expertise and insight the company brings to our organization.”

We look forward to participating and helping this important work evolve.


TRUSTe very recently joined the W3C to take an active role in the development of web standards around tracking protection.  There are many other great efforts occurring in the W3C, but standardizing privacy controls is a topic we have followed very closely over the last several years.  The work is been an obvious next step to the self-regulatory programs that TRUSTe has been so deeply involved in with the online advertising industry. Also, many of us at TRUSTe have been very active in browser-based trust systems in our past-lives and of course see the critical role browsers play in helping consumers manage their online privacy.

TRUSTe has been participating in evolution of this working group through the first two working groups and submitted a position paper to the IAB’s Internet Privacy Workshop at MIT in December of 2010 and also a position paper to the Workshop on Web Tracking and User Privacy at Princeton in April 2011.

The tracking protection group is chartered with a very difficult task of improving on past, and admittedly unsuccessful, consumer privacy protocols that can bring transparency and choice to data collection and advertising.  It is designed to simplify user interaction around notice and choice, to bring methods for accountability to those collecting data, and to enable the benefits of that data collection, such as relevant advertising or improved site performance, to those users that want them.

We appreciate the statement of support from Thomas Roessler, T&S Domain Leader for the W3C for TRUSTe’s participation in the W3C:

“I am pleased that Truste has joined the W3C to participate in the Tracking Protection Working Group. One key to the success of this group is participation by diverse stakeholders, including solutions providers.”

We look forward to a busy year working with these groups and sharing our thoughts and perspectives to help build better standards and resulting operations that all users of the web can enjoy.