Skip to main content
Human Security logo
Security High complexity

Human Security

le Human Security

Socraíonn fianáin
Níl
Seolann PII
Níl
Rianú trassuímh
Níl
Toiliú riachtanach
Functional

Forbhreathnú

Human Security (formerly White Ops, merged with PerimeterX in 2022) is a cybersecurity platform that detects and mitigates bot traffic, ad fraud, and account takeover attacks. Its JavaScript tag collects behavioural signals from website visitors - including mouse movements, keystroke dynamics, device fingerprinting, and network characteristics - to distinguish human users from automated bots. Human Security's verification technology is deployed by major advertising platforms, publishers, and enterprises to protect against sophisticated bot attacks. From a governance perspective, the tag collects extensive device and behavioural data, but its purpose (security) may provide a stronger legal basis than typical analytics or advertising tags.

Cumais Braite

Signature count
3
Detection methods
network

Tionchar Feidhmíochta

Tionchar Feidhmíochta

Iarratais in aghaidh an leathanaigh
3

Botúin Choitianta

  • 1 Not disclosing bot detection in the privacy notice - even though it serves a security purpose, it involves collecting detailed behavioural and device fingerprint data from all visitors
  • 2 Assuming security tools are automatically exempt from consent requirements without assessing the specific data collected and whether it constitutes personal data under GDPR
  • 3 Failing to conduct a proportionality assessment - Human Security collects extensive behavioural signals, and organisations should verify that the level of data collection is proportionate to the bot threat
  • 4 Not reviewing the data retention period for bot detection signals, which may persist longer than necessary for the security purpose
  • 5 Overlooking the device fingerprinting aspect, which the ePrivacy Directive treats similarly to cookie-based tracking and may require consent in some jurisdictions

Breithnithe Comhlíontachta

Human Security's JavaScript tag collects device fingerprinting data, behavioural signals, and network characteristics to identify bot traffic. Under GDPR, this data likely constitutes personal data, but the security purpose may support a legitimate interest legal basis under Article 6(1)(f), provided a balancing test is documented. The ePrivacy Directive's rules on accessing terminal equipment may still require consent for device fingerprinting in some EU member states, regardless of the legal basis under GDPR. Organisations should document their legitimate interest assessment, include bot detection in their privacy notice, and verify that Human Security's data processing agreement covers all relevant data flows. Human Security processes data in the United States and should be assessed against EU-US Data Privacy Framework requirements.

An bhfuil cúnamh uait chun Human Security a rialú?

Aimsíonn ár ndiagnóisic rialachais bearnaí comhlíontachta trasna d'eastát clibeanna iomlán.

Tosaigh do Dhiagnóisic Rialachais