REVISED entry
Today, Etsians noticed what they thought was a new link at the bottom of the Etsy front page. The link is a clickable logo from TRUSTe, “an independent, non-profit organization whose mission is to build user’s trust and confidence in the Internet by promoting the use of fair information practices.” (from the Etsy Privacy Policy)
In fact, Etsy’s license with TRUSTe is NOT new, but it has been re-newed - and the TRUSTe logo is now much more prominent. The privacy policy that this license pertains to is the same as before, with the exception of these two differences, one made for clarity, one to provide additional info:
- In the original TRUSTe license, Etsy was covered under iospace inc. Now, Etsy is named as a company in its own right.
- The third paragraph in Editing and Deleting Account Information now contains an additional sentence (bold lettering added for identification):
If your personally identifiable information changes, or if you no longer desire our service, you may correct, update, delete or deactivate it by making the change on your member account page or by emailing our Customer Support at support@etsy.com or by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request within 10-20 business days.
While this info may not be new, it has served as a reminder to us all to become acquianted with, and periodically refresh our understanding of, the various policies and rules that govern Etsy.
September 4th, 2007 at 4:59 pm
I hope this means they are going to take privacy issues a bit more seriously going forward. Their record in that area is less than impressive.
1. The login bug that they denied existed for months, which allowed random users to see a different user’s convos, billing info, etc.
http://etsynews.com/292/updates-on-viewing-other-user-pages-images-bill-page-errors/
http://etsynews.com/273/hey-thats-not-my-user-name/
2. Using the billing address for the geolocator, which revealed someone’s exact city even if they didn’t list it in their profile.
http://etsynews.com/350/geo3-still-shows-seller-location-part-iii/
http://etsynews.com/338/ability-to-search-by-place-on-geolocator-3-disabled/
3. Having the user API stream available for 7 months, which revealed any sellers full real name and street address for anyone to view.
http://etsynews.com/335/etsy-acts-quickly-to-plug-security-hole/
4. Customer service staff revealing other user’s personal information by mistake, such as using cc instead of bcc for mass emails, or revealing one user’s email address to another user because CS mistakenly thought they were the same person.
http://rocketworkshop.livejournal.com/716.html
All of these issues have been fixed now, but the lack of urgency Etsy displayed in fixing some of them was troubling. I hope this new e-trust certification reflects a new dedication to professionalism and protection of their member’s privacy.
September 4th, 2007 at 6:21 pm
They’ve been a member of TRUSTe for quite a while.
It’s the logo of TRUSTe which has changed recently. That’s what drew my attention.
I seem to remember a date stamp on the previous TRUSTe logo on Etsy’s pages. Date stamps are reserved for the highest level of security plan. They show that the site has been tested on that date by the securing company.
I don’t see a date on the logo any longer. Was I imagining it before? Has Etsy downgraded their security plan through the third party? Did the third party simply change their design?
September 4th, 2007 at 7:54 pm
this is what the old logo looked like in January 2007
http://web.archive.org/web/20061213001219/www.etsy.com/images/finalmark.gif
http://web.archive.org/web/20070105080949/http://www.etsy.com/
this is the old privacy policy page from May 4, 2007
http://web.archive.org/web/20070504193943/http://www.etsy.com/privacy_policy.php
September 5th, 2007 at 1:07 pm
They changed the logo again today.
now it is a small black and white one instead of the big green one
http://www.etsy.com/images/truste_seal_eu.gif
and clicking it links to this page instead of the privacy policy
http://www.truste.org/ivalidate.php?url=www.etsy.com&sealid=102
September 5th, 2007 at 6:10 pm
I wonder if any of this came about due to complaints filed with TRUSTe?
September 5th, 2007 at 7:57 pm
so what are they trying to evade?
October 14th, 2007 at 12:04 am
hmmpt, interesting…