BTICODES
BTI CODES // THE VOCABULARY

All 30 codes.
16 BTI-C · 14 BTI-X.

The vocabulary the BTI framework uses. Each code names a class of vendor behavior. Advisories cite codes; codes don't cite vendors.

BTI-C codes describe observable runtime behaviors. BTI-X codes describe contextual claims-vs-reality patterns.

//BTI_C_CODES // OBSERVABLE_RUNTIME

BTI-C codes

The mechanisms of taking. Behaviors observed directly in vendor code at runtime — data collection, fingerprinting, consent bypass, exfiltration, evasion.

BTI-C01ACTIVE

Defeat Device

They take your ability to see what they're taking.

Evasion
BTI-C03ACTIVE

Storage Exfiltration

They take your first-party data and monetize it.

Data Exfiltration
BTI-C04ACTIVE

Supply Chain Risk

They take a cut for every undisclosed vendor they load.

Infrastructure
BTI-C06ACTIVE

Behavioral Biometrics

They take your users' behavior patterns and fingerprint them.

Surveillance
BTI-C07ACTIVE

Session Recording

They take your UX research and conversion insights.

Surveillance
BTI-C08ACTIVE

Cross-Domain Sync

They take your visitor identity and connect it everywhere.

Identity
BTI-C09ACTIVE

Consent Bypass

They take data before your users can say no.

Compliance
BTI-C10ACTIVE

Fingerprinting

They take device signatures to track users who block cookies.

Identity
BTI-C11ACTIVE

CMP Manipulation

They take control of your consent UI to get the answer they want.

Compliance
BTI-C13ACTIVE

Persistence

They take permanent residence in your users' browsers.

Identity
BTI-C14ACTIVE

Identity Resolution

They take your anonymous visitors and sell them as leads to your competitors.

Identity
BTI-C15NEUTRAL

Tag Manager

They don't take anything directly. They're the gun, not the bullet.

Infrastructure
BTI-C16ACTIVE

Real-Time Exfiltration

They take your traffic signals and stream them live to buyers.

Data Exfiltration
BTI-C17INVESTIGATIVE

DOM Harvest

They take your page content, pricing, and competitive intelligence.

Data Exfiltration
BTI-C18ACTIVE

Identifier Propagation

They take your click IDs and leak them through exit links.

Identity
BTI-C19ACTIVE

Client-Side Manipulation

They take control of your page and modify it for their benefit.

Attack
//BTI_X_CODES // CLAIMS_VS_REALITY

BTI-X codes

The deception that obscures the take. Patterns where what a vendor claims contradicts what runtime behavior shows — undisclosed parties, marketing mismatches, opt-out failures.

BTI-X01ACTIVE

Undisclosed Party

They hid who else is taking.

Disclosure
BTI-X02ACTIVE

Undisclosed Sharing

They hid where your data goes after they take it.

Disclosure
BTI-X03ACTIVE

Retention Violation

They keep taking value from data they promised to delete.

Policy
BTI-X04ACTIVE

Marketing Mismatch

They lied about what they take.

Claims
BTI-X05ACTIVE

Compliance Claim Mismatch

Their compliance badges are cover for the take.

Claims
BTI-X06ACTIVE

Jurisdiction Violation

They take your data across borders you didn't authorize.

Legal
BTI-X07ACTIVE

Opt-Out Failure

They keep taking after users say stop.

Compliance
BTI-X08ACTIVE

Scope Creep

They take more than you agreed to give.

Policy
BTI-X09ACTIVE

Data Security Discrepancy

They lied about how they protect what they take.

Claims
BTI-X10ACTIVE

CMP Disclosure Mismatch

They take through vendors not shown in consent UI.

Disclosure
BTI-X11ACTIVE

Contract/DPA Breach

They take in ways that breach your agreement.

Legal
BTI-X12ACTIVE

Assurance Gap

They won't prove they're not taking.

Claims
BTI-X13ACTIVE

Observability Regression

They reduced visibility AFTER being caught taking.

Evasion
BTI-X14ACTIVE

Ecosystem Misinformation

They poison the discourse to normalize the take.

Claims

Codes are the vocabulary. Advisories are the findings. BTSS is the severity score. The framework explainer lives on /methodology.

Browse advisories →Read the framework →