Yesterday, we had Fran Maier, President and Executive Chair of the board of  TRUSTe and co-founder of, with us to talk about small business privacy practices on CredibilityLIVE.

Special thanks to Michael Hutchison, an inspirational speaker, entrepreneur and author of Speaking Mastery: The Keys to Delivering High-Impact Presentations, for hosting the event and discussing privacy and how privacy policies and tips affect small businesses and their relationships with clients, and potential customers and business partners with Fran.

Check out some highlights from the event below:

Michael: You built TRUSTe at a very formal stage, what were some of the lessons learned when you took them from that non-profit to that profit stage?

Fran: Continuously to focus on the needs of the customer, and initially to the customers, which are the consumers, who count on [seeing] the TRUSTe seal on websites—and we’re on about 4,000 websites … it means something to them. And so you have to keep really true to what do we mean. And at TRUSTe for consumers, we mean that the company has responsible practices regarding your information. So your information will not be shared with an advertiser or a marketer without your permission. And we have to continue to invest in the consumer, because the brands who get the benefit of the TRUSTe mark don’t get that unless the consumer thinks it’s meaningful.

Now, for the smaller companies that we initially went after and the distribution partners we have, we wanted to make sure they were really getting what they needed. And what we learned was that a lot of small companies did not even have privacy policies, just the basics, or they were cutting and pasting. So that was one of the things we were focusing on initially—was trying to get them a good privacy policy generator that was appropriate for the kinds of eCommerce or other things that they were doing on their websites. So you have to continue to focus on the customer. And of course as any small business knows, hiring the right people, making the right partnerships are critical to success.

Michael: How would you respond to the objection that some people just don’t follow their standards, they just neglect them? What are the common pitfalls, what are the common mistakes companies make?

Fran: You know, again, cutting and pasting a privacy policy—not a good idea. You need to have a policy that reflects your business and your practices. Sharing information with any marketer who wants to pay you some money—not a good idea … Privacy is about what you want to share with somebody. And what I might want to share and what you might want to share is very different. So if a company is collecting information and has permission to do certain things, you can do it. But if they don’t have permission, they shouldn’t.

Michael: What advice would you give to a small business owner for that recipe to success to adhere to policy standards? Lay those steps out.

Fran: You know, again, our trustmark is focused on privacy. We can help them start with a privacy policy, but actually that goes directly to their privacy practices. So a small business should have a pretty good understanding—a very good understanding—of what information they’re collecting, why are they collecting it, and how they’re going to use it. And that extends to what they’re collecting directly, for example, if they’re an eCommerce company, they’re more than likely collecting an email address, shipping information, financial information, they should be very clear about that. But they may also have some advertisement on their website. And those advertisements might be served by different kinds of ad networks that have a cookie also collecting surfing information about a consumer. So they should be cognizant of who they’re partnering with and what kind of information their partners are collecting, and how they’re using that. So once they understand what information they’re collecting and how they’re using it, those are the inputs for a good privacy policy that will accurately reflect to the consumer.

The best practices include having a short notice. So instead of making consumers read a long legal document, we try and help our clients have a shorter, more concise, icon-based privacy policy, so that they can really have something that’s a positive communication to the consumer about what they’re doing.

Michael: What is online behavior advertising and how does it affect the small business person?

Fran: So right now, as I mentioned in an earlier example, if you’re an eCommerce site, a community site or even a blog, you might have advertising. A lot of that advertising includes a cookie that keeps track of the consumer’s visits to different websites. So you might go from a fitness website to travel a website maybe, to a car or a coding website. Then later, you’ll find as a consumer, you’re on a website and you see another car advertisement or a travel, or another thing, and it almost feels like you’re being followed around. Well that’s behavioral advertising. Now the truth is it’s just a cookie, and it’s picking up your surfing behavior and maybe making some inferences about what your interests are.  While we’re here in Malibu, if you’re surfing, surfing—it’ll pick up on that and serve you ads that are more relevant to you.

A lot of consumers think that their personal information is being sent to the advertiser. That’s not the case, or should not be the case. So this has been a big concern because sometimes it gets a little creepy, it’s a little too close to home, and the publishing industry and advertisers have not been that transparent that they’re doing this. So now there’s a big call to be really transparent about behavioral advertising and whether or not when you visit a website, whether or not that cookie is available. And now [you’ll] actually see it; you probably haven’t seen it before—an eye and a triangle going forward. Click on that and any consumer can opt out of behavioral advertising from that advertiser and from that publisher. So it’s really important that you get to choose and that you give your consumers choice. That’s part of building trust.