LOKKER Research of 170,000 Websites Reveals Over 5.1 Million Data Privacy Risks Amid Growing Number of Lawsuits and Data Privacy Legislation

New analysis identifies significant issues on websites across multiple industries, putting companies at risk of breaches and non-compliance

REDWOOD CITY, CA., October 19, 2022 /PRNewswire/ — LOKKER, a provider of enterprise data privacy and compliance solutions, today launched its second annual research report detailing global online data privacy risks. His latest research analyzed 170,000 websites around the world, identifying more than 5.1 million data privacy risks. The research comes at a pivotal time as businesses face both a boom in court case for data privacy breaches they are often unaware they are committing, and the need to comply with new privacy laws.

LOKKER’s research found that companies inadvertently share personal data of site visitors with a host of third parties that introduce a range of vulnerabilities, like JavaScript trackers, fingerprinting, data skimmers, and web-based replay scripts. session. While third-party cloud software provides beneficial website functionality, many collect and share visitor information, often with unauthorized parties and without the knowledge of the website owner. As a result, brands are putting themselves and their customers at risk – risking millions of dollars in legal fees, regulatory fines and penalties, and substantial erosion of consumer trust.

“Many organizations don’t know the extent to which they share data with third parties because they can’t see what’s going on behind the scenes in the browser, let alone control it,” said Ian Cohen, founder and CEO of LOKKER. “Without visibility into privacy risks imposed by third parties, organizations are exposed to a growing number of class action lawsuits alleging violations of current and future laws. California, Utah, Virginia, Connecticut and Colorado. We view the recent explosion of data privacy lawsuits as the start of an expansion of US regulatory actions, much like GDPR enforcement in Europe. Getting control of website browser data privacy has never been more urgent for businesses.”

Key takeaways from LOKKER’s latest report include:

The web browser is the new endpoint to defend

  • There are nine critical web privacy risks that companies need to control, including malware, PII and PHI data skimming, trackers, session-by-session cookies, fingerprinting scripts, foreign domains making requests, session replay scripts logging activity, young domains serving JavaScript, and poor SSL certification.
  • Over 38,000 fingerprinting scripts lead to widespread consumer profiling, capturing information such as a person’s location, IP address, device type, installed fonts and other sound specifications. computer and its browser. This allows savvy data brokers to create profiles (“fingerprints”) that are continually enriched until a website visitor can be identified.
  • More than 11,000 scripts have been written by well-known nation-state actors, the vast majority of Russia.

93% of online trackers come from Google (71.19%), Facebook (15.7%) and Microsoft (6%)

  • These trackers – JavaScript that collects information from a host site and sends it to a third party – also come from sub-brands such as Google’s Doubleclick advertising network and Microsoft’s LinkedIn platform.

The major social media networks collect data from education, financial services and healthcare sites

  • Analysis of educational sites in the United States (over 6,000 domains inspected) revealed that Facebook trackers are on 42% of sites, Microsoft on 15%, Twitter on 10%, and SnapChat and TikTok on 5% of sites .
  • Of more than 5,000 hospital and health service sites, 40% have Facebook trackers, 13% have Microsoft trackers, 8% have Twitter trackers, and 6% have Pinterest trackers. Note, TikTok trackers were discovered on 5% of the sites analyzed.
  • On Fortune 1000 website homepages, Facebook trackers were identified on 46% of sites, Microsoft on 31%, Twitter on 21%, and Pinterest on 11%.
  • As for US financial services sites, Facebook is present on 36% of sites, Microsoft on 19% and Twitter on 10%.

“The growing number of class action lawsuits, growing consumer concerns about personal data privacy and the impending entry into force of data privacy laws in 2023 are increasing the pressure on organizations to take control of data privacy risks on their websites,” Cohen added. “Organizations have an immense responsibility to protect their customers and their business. It is critical that they mitigate these threats by not exposing consumers’ personal data to unauthorized third parties.”

For LOKKER’s full report that discusses these risks and their impacts in more detail, as well as how businesses can prepare to comply with the 2023 privacy regulations, visit https://lokker.com/wp-content/uploads/2022/10/LOKKER_OnlineDataPrivacyReport_Oct22.pdf

LOKKER is a Silicon Valley-based data privacy technology company that creates software for businesses to protect their customers’ sensitive personal information from misuse and sharing. LOKKER’s Privacy Edge™ platform is a SaaS solution that automates the detection and mitigation of JavaScript-based threats that lead to major incidents, fines, and reputational damage to businesses. For more information, visit lokker.com.


About Stuart M. McFarland

Check Also

Websites overtake webmail as main vector for phishing

According to a new study by netscope. The company’s threat research found that financial services …