How This Briefing Works
This dossier opens with key findings, then maps the gap between what CaliberMind discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection evidence underneath. BLACKOUT observes runtime browser behavior and cites the regulations that address each pattern — legal determinations are your counsel's call.
At a Glance
across 9 sites
vendor fires before consent
Briefing
CaliberMind provides B2B marketing analytics and account-based orchestration. Detection indicates deployment of identity resolution for visitor deanonymization and consent bypass mechanisms, creating regulatory exposure for account-level intelligence gathering.
What This Means For You
Customers face GDPR violations from unconsented visitor deanonymization. Identity resolution creates Article 6(4) compatible purpose violations when anonymous browsing data is linked to CRM records without consent. B2B customers face reputational risk if account-level surveillance becomes public—competitors may view CaliberMind deployment as hostile intelligence gathering. IP-based identification creates accuracy concerns (VPNs, shared IPs, remote workers).
Risk Channel Breakdown
Distorts attribution data
CaliberMind resolves anonymous website visitors to company accounts and individual contacts, creating detailed account-level intelligence on buyer behavior, deal progression, and competitive evaluation activities.
Expands attack surface
Platform initializes visitor identification before consent collection, violating GDPR Article 6 lawfulness requirements and creating unauthorized processing of visitor data for deanonymization.
Threat Indicators
Runtime-observed (BTI-C)
Ignoring CMP signals
PII deanonymization
Per-code narrative explanations of what each detected behavior means for your organization
Per-code evidence with full attribution chain, severity rankings, and consequence narratives See pricing →
Claims vs. Reality
BLACKOUT analyzed CaliberMind's public claims against observed runtime behavior and identified 2 contradictions.
Full claim-vs-reality gap analysis with claim text, observed behavior, severity, regulatory citations (GDPR, CCPA, ePrivacy), and evidence pointers per gap See pricing →
What To Do
6 for current users · 6 for evaluators
contractual leverage points
Role-specific actions (security / legal / marketing / procurement), full negotiation brief with contractual language, and BTI-code-specific consequences See pricing →
Supply Chain & Pairings
Claims 0, observed 1
g2, salesloft, googletagmanager…
Full supply-chain mapping (loads / loaded-by lists with vendor identities) and the undisclosed-subprocessor list with observation evidence See pricing →