The federal government is best at protecting consumer data and the health care sector is the worst, according to a new study by the not-for-profit Internet Society’s Online Trust Alliance.
The 10th annual Online Trust Audit and Honor Roll analyzed more than 1,200 consumer-facing websites to determine which industry values security and privacy the most.
Here's how the seven industries the Online Trust Alliance examined ranked:
- U.S. government – 91% of audited U.S. federal government sites made the Honor Roll)
- consumer services (everything from social media to travel-booking websites to tax-prep services) – 85%
- news and media – 78%
- banks – 73%
- internet retailers – 65%
- internet service providers, carriers, hosters and e-mail providers – 63%
- health care – 57%
The health care companies examined include pharmacies, health insurers, hospital systems and genetic-testing businesses.
The Online Trust Alliance evaluated the websites based on how well they protected their e-mail, whether they encrypt sessions with their users and what they say in their privacy statements.
"What do you collect, what do you do with it and who do you share it with?," the group's technical director, Jeff Wilbur, said. "By far, the biggest tactic bad guys use is someone steals your credentials. E-mail represents a starting point of 90% of attacks."
The Online Trust Alliance's overall list of the most vigilant about protecting consumer data includes the Federal Emergency Management Agency, PayPal, the First National Bank of Omaha and DNA-testing company 23andMe. Ranked first on the list was Google Play.