Transcript Email Privacy Seal

TRUSTe Trusted Download Program
Certify Your Software is Spyware-Free
Colin O’Malley, Director of Product Development
Anna Rogers, Product Manager
Heather Dorso, Sales Executive
November 2006
1
Agenda
• Program Summary
• How to Get Certified
– Process
– Key information
• Whitelist
2
What is Trusted Download?
Trusted Download Program is a whitelist which
partners like AOL, CA, CNET, Microsoft, Verizon,
and Yahoo!, use to direct internet advertising
dollars and distribution opportunities to
software that demonstrates informed consent
and gives control back to the user.
3
Trusted Download Program Objectives
• Promote meaningful notice and control for
consumers
• Establish industry-wide standards for software
publishers
• Identify trustworthy software for distributors
and advertisers
• Bring transparency and accountability to
distribution relationships
• Help create trusting download environments for
consumers
4
Certified Application Market Incentives
Advertisers
and
Ad Networks
Content
Aggregators and
Consumer
Portals
Anti-Spyware
Software
Incentives
=$
= Install
= Ratings
Certified
Application
Trusted Download Program
5
How to Get Certified
1.
2.
3.
4.
5.
6.
7.
8.
9.
Evaluation
Criteria
Application
Initial Review
Findings Report
Changes
Final Review
Whitelist
Monitoring
6
Evaluation
• Trusted Download is customized to each
software application
• Functionality and behavior of software
determine classification (standard, provisional,
advertising, tracking or other software)
• Extent of distribution network and level of
control
7
Pricing
• Based on classification
– Advertising and tracking software
– Standard software
– Other provisional software
• Application fee (one time; $3,900 - $7,800)
• Monitoring fee (annual; $3,000 - $6,000)
• Additional fees can apply based distribution
network size and control
8
Application
• Self-Assessment
• Certification Agreement
• Invoice & Payment
• Copy of software to be certified
• List of distribution channels and any bundling
• Freeze non-critical updates to software
9
Primary Notice Requirements
For all applications, if the following occurs:
• Redirects the User’s Internet searches
• Adds a toolbar or other modification
• Changes the User’s home page, default search
provider or error page handling
• Changes the User’s default provider, web proxy
or other changes to Internet settings
• Causes known material adverse effects on
system performance for typical Users
10
Primary Notice- Advertising
• Name/brand of software and name of bundled
software
• If information is collected for the purpose of ad
targeting and/or market research
• Types of ads and when displayed
• If ads with adult content, alcohol, tobacco,
firearms or other weapons will be shown
• Description of PII collected
• Uses of PII
• Types of companies PII is shared with
11
Primary Notice- Tracking
• Name/brand of software and name of bundled
software
• When collection of information for the purpose
of ad targeting and/or market research will
occur
• Description of PII collected
• Uses of PII
• Types of companies PII is shared with
12
Consent Requirements
For all software:
• The language used to describe Users’ options to
consent to install Certified Software must be plain and
direct.
For advertising and tracking software:
• The option to consent may not be the Default Option;
• The option to decline consent to install Certified
Software must be of equal prominence to the option to
consent to the installation of
Certified Software.
13
Findings & Changes
• Software download is reviewed for appropriate
consumer notice & choice
• Software is submitted to AppLabs for technical
testing
• TRUSTe may request additional information
• Finding report generated, which details any
required changes
• Applicant has 30 days to resubmit required
changes
14
Whitelist
• Software which passes is issued an invoice for
monitoring fees
• On payment of monitoring, the application
details are listed on Whitelist
• Failures are not public
15
Trusted Download Means Spyware-Free
Taking control of a consumer’s computer
Modifying security settings
Collecting personally identifiable information
(PII) through the use of keystroke logging
Inducing the user to provide PII to another
person through intentional misrepresentation
Inducing the user to install software onto
computer or preventing efforts to block
installation
16
Monitoring
• Ongoing verification of software compliance
• Random signature tests
• Manual and technical testing
• Prior notice has been given on any substantive
updates
17
How to Stay Certified
• Prior notice for any material changes
– Major functionality changes
– Changes as related to requirements
• Include account managers on release notes
• Monthly updates for distribution partners
18
Questions & Contact
To schedule an evaluation call or email
Heather Dorso
415-520-3405
[email protected]
19