Skip to main content
Human Security logo
Security High complexity

Human Security

por Human Security

Define cookies
Não
Envia PII
Não
Rastreamento entre sites
Não
Consentimento necessário
Functional

Visão Geral

Human Security (formerly White Ops, merged with PerimeterX in 2022) is a cybersecurity platform that detects and mitigates bot traffic, ad fraud, and account takeover attacks. Its JavaScript tag collects behavioural signals from website visitors - including mouse movements, keystroke dynamics, device fingerprinting, and network characteristics - to distinguish human users from automated bots. Human Security's verification technology is deployed by major advertising platforms, publishers, and enterprises to protect against sophisticated bot attacks. From a governance perspective, the tag collects extensive device and behavioural data, but its purpose (security) may provide a stronger legal basis than typical analytics or advertising tags.

Capacidades de Detecção

Signature count
3
Detection methods
network

Impacto no Desempenho

Impacto no Desempenho

Requisições por página
3

Erros Comuns

  • 1 Not disclosing bot detection in the privacy notice - even though it serves a security purpose, it involves collecting detailed behavioural and device fingerprint data from all visitors
  • 2 Assuming security tools are automatically exempt from consent requirements without assessing the specific data collected and whether it constitutes personal data under GDPR
  • 3 Failing to conduct a proportionality assessment - Human Security collects extensive behavioural signals, and organisations should verify that the level of data collection is proportionate to the bot threat
  • 4 Not reviewing the data retention period for bot detection signals, which may persist longer than necessary for the security purpose
  • 5 Overlooking the device fingerprinting aspect, which the ePrivacy Directive treats similarly to cookie-based tracking and may require consent in some jurisdictions

Considerações de Conformidade

Human Security's JavaScript tag collects device fingerprinting data, behavioural signals, and network characteristics to identify bot traffic. Under GDPR, this data likely constitutes personal data, but the security purpose may support a legitimate interest legal basis under Article 6(1)(f), provided a balancing test is documented. The ePrivacy Directive's rules on accessing terminal equipment may still require consent for device fingerprinting in some EU member states, regardless of the legal basis under GDPR. Organisations should document their legitimate interest assessment, include bot detection in their privacy notice, and verify that Human Security's data processing agreement covers all relevant data flows. Human Security processes data in the United States and should be assessed against EU-US Data Privacy Framework requirements.

Precisa de ajuda para governar Human Security?

Nosso diagnóstico de governança identifica lacunas de conformidade em todo o seu conjunto de tags.

Inicie seu Diagnóstico de Governança