Wednesday, July 09, 2003

TRUSTe issues privacy ultimatum to Batteries.com.

Maier says that the investigation into Batteries.com concluded with the following six findings, all of which constituted violations of TRUSTe's policies.

1. Batteries.com provided personal data to a third party called sungifts.com, an organization that had a relationship with Men's Journal, and it did this for marketing purposes.
2. Batteries.com did not obtain approval from TRUSTe. It needs to do that because that sharing of information constitutes a material change to the privacy practice under which the license was granted.
3. Batteries.com did not notify customers that practices were changing in terms of sharing with a third party. Such notification is required of all TRUSTe licensees.
4. In transferring its customers' personal identity information (names, email addresses, physical address, etc.), Batteries.com did not honor the preferences of the customers that opted out from receiving marketing communications from Batteries.com. (The marketing communication in question is an email that was sent to Batteries.com customers that informed them they would begin receiving the publication unless they opted out again.)
5. Related to item number 4, the opt-out page requires a link to a privacy statement, which it did not have.
6. Batteries.com already transferred the personal data outside of its organization to sungifts.com before the opportunity to opt out was presented. It needs to go the other way around.

Maier said she believes, after conducting the investigation, that the violations were unintentional. But, Maier added, it doesn't matter whether the transgression was intentional or not. "Either way, the outcome would have been the same," said Maier. "We issued a notice to Batteries.com that their license would be terminated unless certain action was taken within 20 days."

The required remedies in that notice were as follows:

1. Batteries.com must identify those customers whose opt-outs were not honored and send them an apology explaining TRUSTe's role and the requirement that TRUSTe has put on them as a result of the policy violations.
2. Batteries.com must update its list management and other practices to ensure that opt-outs are respected.
3. Batteries.com must update its privacy statement and other disclosures within its user interface (shopping cart, opt-out opportunities, etc.) to reflect its information practices and TRUSTe's program requirements.
4. Once the privacy statement and disclosure step is completed, Batteries.com must announce to all customers the change in its privacy statement and its practices and the role that TRUSTe has played in those changes and announcements.
5. Batteries.com must allow TRUSTe to conduct an in-house audit and review of Batteries.com's privacy and information practices.
6. Batteries.com must, at its own expense, have its executives, marketing and customer service staffs attend TRUSTe-taught privacy training sessions.

According to Maier, while TRUSTe demands a fee for the training, those fees don't come close to the total expense so far borne by TRUSTe in investigating the matter and in sending its trainers to Batteries.com for on-site training. "Batteries.com has 20 days to do those things that can be done within a 20-day period and to commit to doing those things that will take longer," said Maier. "The company has agreed to satisfy the remedies. But, if for some reason, they don't, then they're out [of the TRUSTe program]."

http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2914180,00.html