How This Briefing Works
This dossier opens with key findings, then maps the gap between what LiveIntent discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection evidence underneath. BLACKOUT observes runtime browser behavior and cites the regulations that address each pattern — legal determinations are your counsel's call.
At a Glance
across 49 sites
vendor fires before consent
Briefing
LiveIntent provides universal email identity infrastructure that resolves email hashes to persistent IDs shared across advertising platforms. Their pixels embedded in marketing emails enable cross-publisher tracking that persists indefinitely, creating comprehensive user profiles syndicated to hundreds of advertising platforms without user awareness.
What This Means For You
Marketing teams unknowingly power competitor retargeting through email sends. Data teams discover customer emails in programmatic audience segments across advertising ecosystem. Legal inherits maximum GDPR/CCPA exposure from uncontrolled ID syndication. CFO funds competitor acquisition through every marketing email deployment.
Risk Channel Breakdown
Distorts attribution data
Perfect 100/100 CAC subsidization as LiveIntent universal IDs power competitor programmatic targeting. Every email open feeds the advertising ecosystem that competes for your customers.
25/100 attack surface from email tracking pixels that establish persistent browser connections. Supply chain exposure multiplies through ID syndication to 200+ advertising platforms.
Maximum 100/100 legal exposure from consent bypass (C09) and cross-domain sync (C08). GDPR Article 6 violations certain given processing without lawful basis and uncontrolled third-party sharing.
Threat Indicators
Runtime-observed (BTI-C)
Form data interception
Identity stitching
Ignoring CMP signals
Long-lived identifiers
PII deanonymization
Container/loader (neutral)
Per-code narrative explanations of what each detected behavior means for your organization
Per-code evidence with full attribution chain, severity rankings, and consequence narratives See pricing →
Claims vs. Reality
BLACKOUT analyzed LiveIntent's public claims against observed runtime behavior and identified 1 contradiction.
Full claim-vs-reality gap analysis with claim text, observed behavior, severity, regulatory citations (GDPR, CCPA, ePrivacy), and evidence pointers per gap See pricing →
What To Do
3 for current users · 3 for evaluators
contractual leverage points
Role-specific actions (security / legal / marketing / procurement), full negotiation brief with contractual language, and BTI-code-specific consequences See pricing →
Supply Chain & Pairings
googletagmanager, googleanalytics4, liveintent_advertising…
Full supply-chain mapping (loads / loaded-by lists with vendor identities) and the undisclosed-subprocessor list with observation evidence See pricing →