Story image

New Zealand's first Privacy Trust Marks awarded to Trade Me and RealMe

10 May 2018

RealMe and Trade Me’s Transparency Reporting websites are the first two recipients of the Office of the Privacy Commissioner’s new Privacy Trust Mark.

The Privacy Trust Mark was launched as part of Privacy Week to indicate a ‘privacy by design’ approach to trust.

The Mark’s aim is to give New Zealanders assurance and confidence that a product or service has been designed with their privacy interests in mind.

“It is intended to build public awareness around privacy and provide incentives for organisations to engage in best practice. It also provides a means for organisations to showcase their practices.”

A Privacy Trust Mark can be issued to a service, mobile app, computer software, or a privacy statement. It does not apply to an entire organisation.

Privacy Commissioner John Edwards says that Trade Me is the only New Zealand agency that participates in transparency reporting ‘above and beyond what is required of it by law”.

“I am particularly impressed with the way Trade Me draws wider privacy issues into its transparency reports as a way of keeping the public informed of topical issues,” Edwards says.

RealMe, a government-run identity verification website led by the Department of Internal Affairs was also awarded a Privacy Trust Mark because it met all criteria.

“RealMe's data minimisation and user control practices are excellent. Users can control when and where their identity information is shared and can review all of their transactions and revoke their consent at their discretion. RealMe also only collects and stores information that is required to administer the core service.”

Department of Internal Affairs general manager of partners and products, David Philp, says he is thrilled to be the first government agency to receive a Privacy Trust Mark.

“RealMe has robust privacy and security measures, and allows users to control when and where their information is shared at all times. It is great to see this commitment to customer privacy recognised by the Privacy Commissioner, especially with the current focus on trust in government.”

Privacy trust marks are also used in other countries, but there is no global body that manages them. Other privacy trust marks include the United States’ TRUSTe, and Japan’s PrivacyMark scheme.

John Edwards says that he hopes to see many more Privacy Trust Marks issued in future.

“This project is part of our vision to help consumers to have trust and confidence that their information will be safeguarded. It will also make it easier for people to make choices for privacy-friendly goods and services.”

Organisations that wish to apply for a Privacy Trust Mark must meet the seven principles of Privacy By Design. Products or services may need to meet other criteria including (but not limited to) security proactivity, privacy by default, end-to-end security, transparency, and customer control of their personal information.

Interested organisations can contact the Office of the Privacy Commissioner for more details.

Thycotic debunks top Privileged Access Management myths
Privileged Access encompasses access to computers, networks and network devices, software applications, digital documents and other digital assets.
Veeam reports double-digit Q1 growth
We are now focussed on an aggressive strategy to help businesses transition to cloud with Backup and Cloud Data Management solutions.
Paving the road to self-sovereign identity using blockchain
Internet users are often required to input personal information and highly-valuable data from contact numbers to email addresses to make use of the various platforms and services available online.
Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.