From the July 2002 issue of Entrepreneur

Who Do You Trust?

There are good ways to serve up spam, and then there are bad ways. Leading privacy organization TRUSTe (you see their privacy seals on Web sites everywhere) and consulting company ePrivacy Group have rolled out the Trusted Sender Program to help Internet users tell the difference. Entrepreneurs using e-mail marketing will want to take heed.

Legitimate commercial e-mails sent in compliance with the program will carry a seal; those of the dime-a-dozen "lose 10 pounds in 10 hours" variety will not. Participating companies are bound by the nonprofit TRUSTe's Watchdog dispute resolution program and are required to honor unsubscribe requests. Nobody expects this to end inundation by "make millions from home" messages, but eventually consumers may tune their e-mail programs to filter out any non-TRUSTe seal e-mails. That alone could be a powerful motivator for entrepreneurs to sign up.

Big names like Bigfoot Interactive, Chrysler, DoubleClick and Microsoft have already come out in support. With all the governmental anti-spam rumblings lately, this program is also one more way Internet businesses are hoping to hold off legislation by showing self-regulation can be effective. As usual, success depends on widespread adoption. TRUSTe's clout and name recognition give it a better-than-average shot at succeeding. Get more information or get involved by visiting TRUSTe online at www.truste.com.

First to Know

You find a security vulnerability in a software program. Do you a) notify the company, b) ignore it or c) announce it to the entire Web? The tentatively named Organization for Internet Safety insists the answer should always be "a." Not surprisingly, Microsoft, the highest-profile purveyor of software flaws, is the lead company in the new group. Several large security firms also appear on the roster. Their main goal is to standardize reporting to ensure that software companies are notified first. Companies would then be required to address the issue within a specific amount of time.

No software business wants the whole Web to know of a problem before it can be fixed-and, in truth, announcing it could alert hackers to a vulnerability before the fixes can be published. Software entrepreneurs: Keep tabs on this new group while it's still in the formation stages. If it does manage to push for regular reporting procedures, it should work for all companies alike.