Email or username:

Password:

Forgot your password?
Matthias Eberl

A new study finds 3,000 websites on which third-party tracking companies scoop up what you type into forms in real time — even if you never hit submit. This happens on about 1,800 websites for E.U. users too, likely in violation of the GDPR.

homes.esat.kuleuven.be/~asenol

(Via twitter.com/random_walker/stat)

6 comments
scops

@rufposten yeah and it is even sold to publishers by there advertising partners as "alternate way to cookies". their tools scanning for email-fields and use the input to generate uniq advertising ids - cross platform ids.

Sebastian Lasse

@rufposten

^ “Our results—likely lower bounds—show that on thousands of sites email addresses are collected from login, registration and newsletter subscription forms; and sent to trackers before users submit any form or give their consent.” :

@EU_Commission
Did you had a plan to enforce the GDPR or did you just forgot it cause of your total-surveillance thing?

Johan Bové

@rufposten Very interesting study. This might not always be the intend by the website owners themselves. Shows the need for not trusting any JS snippets and browser extensions. To me, it also shows that content security policies (CSP) not only keep your site safer, but also the visitors.

Benoît B.

@rufposten

Do Ad-Blockers block those data flows as well?

Go Up