A new study finds 3,000 websites on which third-party tracking companies scoop up what you type into forms in real time — even if you never hit submit. This happens on about 1,800 websites for E.U. users too, likely in violation of the GDPR.
https://homes.esat.kuleuven.be/~asenol/leaky-forms/leaky-forms-usenix-sec22.pdf
(Via https://twitter.com/random_walker/status/1524433565668102144)
^ “Our results—likely lower bounds—show that on thousands of sites email addresses are collected from login, registration and newsletter subscription forms; and sent to trackers before users submit any form or give their consent.” :
@EU_Commission
Did you had a plan to enforce the GDPR or did you just forgot it cause of your total-surveillance thing?
@rufposten yeah and it is even sold to publishers by there advertising partners as "alternate way to cookies". their tools scanning for email-fields and use the input to generate uniq advertising ids - cross platform ids.