QA mode · Tier:PUBLIC(override via ?tier=paid | premium)
← All Vendors
deanon
RB2B

RB2B

RB2B deploys defeat device infrastructure targeting 60+ compliance audit tools while claiming SOC 2 and GDPR compliance. Runtime analysis reveals pre-consent tracking, systematic cookie theft from HubSpot and Facebook, and 87% of third-party vendors on their own site undisclosed in privacy documentation.

36 IOCs observed87 detections9% pre-consent51 sites
85
Vendor Risk Score
Tier: HOSTILE
Observation Coverage

BLACKOUT observes runtime behavior in the browser. This dossier reflects browser-side execution, which is one of five vendor data-egress classes. Server-to-server transfers, backend integrations, and offline data flows are outside this observation boundary.

BLACKOUT observes runtime behavior and cites the regulations that address that behavior pattern. Legal determinations are the customer's counsel's call.

How This Briefing Works

This dossier opens with key findings, then maps the gap between what RB2B discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection evidence underneath. BLACKOUT observes runtime browser behavior and cites the regulations that address each pattern — legal determinations are your counsel's call.

Key Findings

At a Glance

Detections
87

across 51 sites

Pre-Consent Rate
9%

vendor fires before consent

Disclosure Gaps
6

3 CRIT · 2 HIGH

Claims-vs-Reality Classified
BTI-X01BTI-X02BTI-X04BTI-X05BTI-X06BTI-X08BTI-X09BTI-X10BTI-X12
Summary

Briefing

RB2B is a B2B visitor identification platform owned by Retention.com (Austin, TX) that deanonymizes website visitors by harvesting personal emails, LinkedIn profiles, and company data. The platform deploys sophisticated defeat device infrastructure targeting 60+ compliance audit tools (Playwright, Puppeteer, Selenium) to evade regulatory oversight. Despite claims of SOC2 Type II, GDPR, and CCPA compliance, runtime analysis reveals 5.1% pre-consent tracking, HubSpot/Facebook cookie theft ("identifier laundering"), and 87% of third-party vendors on their site undisclosed in privacy documentation. Founder Adam Robinson (ex-Lehman Brothers) has publicly described the methodology as "email laundering" - applying financial CDO methodology to consumer data.

Customer Impact

What This Means For You

If RB2B is deployed on your site, your privacy policy is almost certainly inaccurate. You have inherited 54+ undisclosed sub-processors through their script, creating direct GDPR Article 28 liability. Their 5.1% pre-consent tracking rate means data is being collected from your visitors before consent is granted — that is your regulatory exposure, not theirs. Their defeat device infrastructure means any compliance audit you run will see different behavior than what your actual visitors experience, making your audit results unreliable. HubSpot and Facebook cookie values are being copied to RB2B-controlled keys without authorization from either platform, which may violate your integration agreements. If you are subject to GDPR, CCPA, or ePrivacy Directive, RB2B creates material compliance gaps that your existing consent mechanism does not cover.

Collapse Engine

Risk Channel Breakdown

Oracle
Truth Collapse
55

RB2B corrupts attribution by intercepting HubSpot and Facebook cookies, creating a parallel identity graph that competes with legitimate marketing attribution. The stolen hubspotutk cookie is copied to _reb2butk after a 2000ms delay to capture enriched identifiers, then used for cross-site correlation that pollutes first-party measurement.

Broker
Control Collapse
100

Core business model is demand signal theft. RB2B identifies anonymous visitors on competitor websites and routes those leads to paying customers. Companies using RB2B receive competitor intent signals; companies being scraped by RB2B lose competitive intelligence to rivals. White-label network (Knock2.ai, Clay) amplifies signal leakage.

Reaper
Safety Collapse
0

Defeat device infrastructure creates audit-proof attack surface. 60+ bot detection patterns disable tracking during compliance scans, meaning security assessments never see actual behavior. S3 bucket aliases (b2bjsstore) provide CDN-evasion fallback. Base64-encoded endpoints hide IP-API geolocation calls from static analysis.

Counselor
Legitimacy Collapse
100

Nine BTI-X violations create substantial regulatory exposure. SOC2/GDPR/CCPA claims combined with pre-consent tracking (X05), defeat devices (X04), and anonymous claims contradicted by PII harvesting (X09) constitute material misrepresentation. Cookie theft from HubSpot/Facebook without authorization may violate CFAA. GDPR Article 3(2) triggered via UK deployments (Cognism).

BTI Codes

Threat Indicators

Runtime-observed (BTI-C)

BTI-C01
Defeat Device

Evasion infrastructure, auditor bypass

BTI-C06
Behavioral Biometrics

Keystroke/mouse tracking

BTI-C07
Session Recording

Full session replay

BTI-C08
Cross-Domain Sync

Identity stitching

BTI-C09
Consent Bypass

Ignoring CMP signals

BTI-C10
Fingerprinting

Device identification

BTI-C14
Identity Resolution

PII deanonymization

BTI-C15
Tag Manager

Container/loader (neutral)

Claims-vs-Reality (BTI-X)

BTI-X01
Undisclosed Party

Not in privacy policy

BTI-X02
Undisclosed Sharing

Hidden data recipients

BTI-X04
Marketing Mismatch

Behavior contradicts marketing

BTI-X05
Compliance Claim Mismatch

False certification claims

BTI-X06
Jurisdiction Violation

Data to undisclosed regions

BTI-X08
Scope Creep

Collection exceeds disclosed scope

BTI-X09
Data Security Discrepancy

Security claims vs evidence

BTI-X10
CMP Disclosure Mismatch

CMP vendor list vs runtime

BTI-X12
Assurance Gap

Gated or missing due diligence docs

9
BTI Consequences Identified

Per-code narrative explanations of what each detected behavior means for your organization

Available in VIDB Subscription

Per-code evidence with full attribution chain, severity rankings, and consequence narratives See pricing →

Disclosure Gaps

Claims vs. Reality

6
Gaps Observed
3 CRITICAL2 HIGH1 MEDIUM

BLACKOUT analyzed RB2B's public claims against observed runtime behavior and identified 6 contradictions.

BTI-X01BTI-X02BTI-X04BTI-X05BTI-X06BTI-X08BTI-X09BTI-X10BTI-X12
Featured Gap
Defeat Device
CRITICAL
They Claim

"SOC2 Type II, GDPR, CCPA Compliant"

BLACKOUT Observed

60+ bot detection patterns disable tracking during compliance audits

5 more gaps — with regulatory citations and evidence pointers — available with subscription.

Available in VIDB Subscription

Full claim-vs-reality gap analysis with claim text, observed behavior, severity, regulatory citations (GDPR, CCPA, ePrivacy), and evidence pointers per gap See pricing →

Recommended Actions

What To Do

Recommended Actions
10

5 for current users · 5 for evaluators

Negotiation Leverage
3

contractual leverage points

Available in VIDB Subscription

Role-specific actions (security / legal / marketing / procurement), full negotiation brief with contractual language, and BTI-code-specific consequences See pricing →

Ecosystem

Supply Chain & Pairings

Subprocessor Disclosure Gap
1undisclosed

Claims 8, observed 9

Commonly Paired With
24

googletagmanager, googleanalytics4, liveintent

Available in VIDB Subscription

Full supply-chain mapping (loads / loaded-by lists with vendor identities) and the undisclosed-subprocessor list with observation evidence See pricing →

Profile: rb2bFirst Seen: 2025-12-11Last Updated: 2026-02-28