TRUSTe hands out its bright green seal of approval to websites, apps and other organizations that meet certain privacy standards.
But in more than 1,000 instances, TRUSTe didn't do its work to ensure those places deserved its seal.
The company settled charges brought on by the Federal Trade Commission and agreed to pay a fine. TRUSTe admitted Monday that between 2006 and 2013, it did not conduct annual inspections for every organization that brandishes its seal of approval.
Related: Is online privacy a lost cause?
According to TRUSTe, organizations can only earn the seal by submitting themselves to an outside review of how they collect data, store and share it and meet standards that demonstrate a "commitment to privacy."
So a hospital, school or social media app has to abide by rules such as the Children's Online Privacy Protection Act or European Union privacy rules.
The organizations can brandish their TRUSTe seal only if they're certified every year. However, that didn't happen.
Under the terms of its settlement, TRUSTe has to now pay the government $200,000 for its "ill-gotten gains."
Certification systems like TRUSTe are a private sector alternative to government regulation.
In a statement, FTC Chairwoman Edith Ramirez said this kind of self-regulation is important for helping consumers. The FTC steps in to make sure companies are doing their duty.
"TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge," Ramirez said.
