Oops. I had missed a press release from the NYS Attorney General’s Office a few weeks ago. Luckily for me, the legal eagles at Hunton & Williams have blogged about it now:
On April 6, 2017, New York Attorney General Eric T. Schneiderman announced that privacy compliance company TRUSTe, Inc., agreed to settle allegations that it failed to properly verify that customer websites aimed at children did not run third-party software to track users. According to Attorney General Schneiderman, the enforcement action taken by the NY AG is the first to target a privacy compliance company over children’s privacy.
TRUSTe was certified by the FTC to operate a Children’s Online Privacy Protection Act (“COPPA”) safe harbor program, under which companies could use its COPPA services to demonstrate compliance with the law. The NY AG alleged that TRUSTe failed to run scans of “most or all” of its 32 customers’ websites for third-party tracking technology on the children’s webpages of those websites. The NY AG further alleged that TRUSTe “failed to make a reasonable determination as to whether third-party tracking technologies present on clients’ websites violated COPPA, certifying child-directed websites despite information indicating that third parties present on those websites collected and used the personal information of users in a manner prohibited by COPPA.”
Read more on the Privacy & Information Security Law Blog.