Tagged “gdpr”
5 posts
Glasshouse: Audit Any Website for GDPR Violations in 90 Seconds (and File a DPA Complaint in Two More)
Open-sourcing the privacy auditor I used to scan 10 popular websites (all 10 failed) — plus the DPA complaint builder that turns a scan into a ready-to-file dossier.
|26 min readPre-Consent Tracking in 2026: How It Works, Why Regulators Are Cracking Down, and How to Build a Site That Actually Waits
I scanned 10 popular consumer sites and timed what happens in the first few hundred milliseconds of each page load. Every single one fired non-essential trackers before the consent banner appeared. Why "we use Consent Mode v2" is not a defense, what the law actually says, and what a site that genuinely waits for consent looks like in code.
|23 min readCookie Banner Dark Patterns in 2026: How They Work, Why Regulators Are Cracking Down, and How to Build Symmetric Consent
I scanned 10 popular consumer sites for dark patterns. All 10 failed at least one EDPB criterion; half had a reject path that did not actually delete tracking cookies. The CSS, the GDPR violations, and what symmetric consent costs.
|20 min readBrowser Fingerprinting in 2026: How It Works, Why Regulators Are Cracking Down, and How to Defend Against It
The tracking method that survives when cookies die. A technical guide to canvas, WebGL, AudioContext, and WebGPU fingerprinting — what GDPR and ePrivacy actually say, and what defenses hold up.
|15 min readI Built an AI That Audits Websites for Privacy. Here's What It Found.
A data engineer who builds tracking infrastructure by day built an AI that audits everyone else's. 10 major websites scanned. Average score: 4.9 out of 10.
|4 min read