They take data before your users can say no.
Executing tracking or data collection before or without valid consent signals. Scripts fire before CMP initialization, ignore consent denial signals, or use timing exploits to capture data in the gap between page load and consent interaction.
What It Costs You
Legal Tail Risk
Pre-consent data collection, undisclosed data sharing, and consent signal violations create regulatory exposure. Class actions and regulatory fines can exceed entire annual marketing budgets. Liability sits with the site owner, not the vendor.
Signal Corruption
Overlapping tracking mechanisms corrupt attribution data. Multiple sources claim credit for single conversions. Pipeline metrics diverge from reality. Marketing decisions get made on numbers that can’t be trusted.
Blackout uses security frameworks to protect AGAINST vendors, not FOR them. We do not notify vendors. We do not provide remediation windows. If you're using a vendor flagged by this code, the advisory is your evidence.