LEGAL-DRIVEN TECHNOLOGY SOLUTIONS

We evaluate consumer-facing websites and mobile apps, and generate reports that detail the scope of data collection and disclosure. In addition to identifying the relevant first and third parties present on a website or app, the reports include detections of conventional and technical personal information such as name, email address, phone number, geolocation, cookies and similar technologies, mobile advertising IDs, device IDs, etc., plus hashed and encoded variants of this information.

With these reports in hand, clients can verify the accuracy of their privacy disclosures, differentiate between intentional and accidental third-party data transmissions (e.g., sales/shares under applicable law), execute data privacy agreements, implement appropriate technical remediations, conduct risk assessments, and build an inventory of relevant trackers, pixels, etc. on their consumer-facing assets.

We analyze the effectiveness of opt-out signals and consent flags, such as the Global Privacy Control (GPC), Transparency & Consent Framework (TCF), Global Privacy Platform (GPP), and US Privacy String (USP). This enables us to help clients determine whether or not applicable signals and flags are adequately transmitted to relevant downstream parties, as required by applicable data privacy frameworks. 

We evaluate the efficacy of consent management platforms and cookie banners, enabling companies to strengthen their data privacy obligations related to obtaining adequate consent. For example, we analyze which cookies and similar technologies are utilized prior to and post-consent to validate a company’s solution is working as intended and in accordance with applicable data privacy frameworks. 

We identify and categorize first and third parties on apps and websites, enabling clients to strengthen their visibility into relevant parties present so that they can execute applicable agreements and make adequate disclosures. 

We help uncover and mitigate unintended data leakage on consumer-facing assets to reduce legal exposure, such as with the VPPA and applicable wiretap laws. For example, we can help identify if video information and PII are transmitted to third parties on webpages that host video content. We can also assist clients in determining whether or not their websites employ certain session replay tools and similar technologies.

We employ AI to optimize and supplement our legal research, enabling us to efficiently conduct legal research for our clients. For example, some data privacy requirements take an opt-in approach while others take an opt-out approach. Using legally tailored and in-house built solutions, we can efficiently review and generate an inventory of the different approaches across the various data privacy frameworks to assist clients in navigating the nuances across their many data privacy obligations.

We assess mobile apps to help determine which data is collected and disclosed in order to help clients meet their mobile app store obligations. For example, our technology can help clients determine applicable purposes as defined by relevant mobile app stores, and honor opt-in requirements related to tracking.