QA mode · Tier:PUBLIC(override via ?tier=paid | premium)
← All Vendors
measurement

33across

33across deploys persistent identifiers and cross-site identity resolution for programmatic advertising, with 65% broker exposure creating significant demand signal leakage across DSP partners.

7 IOCs observed2 detections2 sites
65
Vendor Risk Score
Tier: GRAY
Observation Coverage

BLACKOUT observes runtime behavior in the browser. This dossier reflects browser-side execution, which is one of five vendor data-egress classes. Server-to-server transfers, backend integrations, and offline data flows are outside this observation boundary.

BLACKOUT observes runtime behavior and cites the regulations that address that behavior pattern. Legal determinations are the customer's counsel's call.

How This Briefing Works

This dossier opens with key findings, then maps the gap between what 33across discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection evidence underneath. BLACKOUT observes runtime browser behavior and cites the regulations that address each pattern — legal determinations are your counsel's call.

Key Findings

At a Glance

Detections
2

across 2 sites

Pre-Consent Rate
0%

vendor fires before consent

Disclosure Gaps
1

Summary

Briefing

33across operates as an identity resolution platform for advertising, creating persistent user profiles through cross-site tracking and deterministic matching. The 65% broker score reflects systematic data sharing with DSP partners, advertising exchanges, and measurement platforms.

Customer Impact

What This Means For You

Sites deploying 33across leak 65% of user behavioral data to DSP partners and advertising exchanges, subsidizing competitor programmatic campaigns. Persistent cross-site tracking creates GDPR consent exposure, particularly for EU visitors where ePrivacy Directive enforcement is accelerating. Privacy-conscious buyers will flag identity resolution as disqualifying.

Collapse Engine

Risk Channel Breakdown

Oracle
Truth Collapse
0

Distorts attribution data

Broker
Control Collapse
65

65% demand signal leakage — user identifiers and behavioral signals shared with DSP partners and advertising exchanges, subsidizing competitor programmatic campaigns and audience targeting.

Reaper
Safety Collapse
0

Expands attack surface

Counselor
Legitimacy Collapse
40

Persistent cross-site tracking and identity resolution without granular consent create GDPR Article 6 lawful basis gaps and ePrivacy Directive cookie consent violations.

BTI Codes

Threat Indicators

Runtime-observed (BTI-C)

BTI-C13
Persistence Mechanisms

Long-lived identifiers

BTI-C14
Identity Resolution

PII deanonymization

2
BTI Consequences Identified

Per-code narrative explanations of what each detected behavior means for your organization

Available in VIDB Subscription

Per-code evidence with full attribution chain, severity rankings, and consequence narratives See pricing →

Disclosure Gaps

Claims vs. Reality

1
Gaps Observed

BLACKOUT analyzed 33across's public claims against observed runtime behavior and identified 1 contradiction.

Available in VIDB Subscription

Full claim-vs-reality gap analysis with claim text, observed behavior, severity, regulatory citations (GDPR, CCPA, ePrivacy), and evidence pointers per gap See pricing →

Recommended Actions

What To Do

Recommended Actions
4

0 for current users · 4 for evaluators

Negotiation Leverage
4

contractual leverage points

Available in VIDB Subscription

Role-specific actions (security / legal / marketing / procurement), full negotiation brief with contractual language, and BTI-code-specific consequences See pricing →

Ecosystem

Supply Chain & Pairings

Available in VIDB Subscription

Full supply-chain mapping (loads / loaded-by lists with vendor identities) and the undisclosed-subprocessor list with observation evidence See pricing →

Profile: 33acrossFirst Seen: 2026-01-22Last Updated: 2026-01-22