How This Briefing Works
This dossier opens with key findings, then maps the gap between what TVScientific discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection evidence underneath. BLACKOUT observes runtime browser behavior and cites the regulations that address each pattern — legal determinations are your counsel's call.
At a Glance
across 2 sites
vendor fires before consent
1 HIGH
Briefing
TVScientific is a connected TV (CTV) advertising measurement and attribution platform that links web behavior to television ad exposure. BLACKOUT detected TVScientific across 2 deployments on 2 sites, revealing 1 domain, 12 scripts, and 1 cookie. Six behavioral threat codes were triggered including cross-domain sync (C08), identity resolution (C14), and behavioral biometrics (C06). While TVScientific shows a 0% pre-consent rate on observed deployments, the combination of cross-domain identity stitching and fingerprinting enables persistent cross-device tracking that bridges web browsing and CTV viewing — a surveillance capability that extends far beyond campaign measurement.
What This Means For You
If TVScientific is deployed on your site, your web visitors are being linked to television viewing profiles through cross-domain identity sync and fingerprinting. While the 0% pre-consent rate on observed deployments is encouraging, the 12 scripts and 6 behavioral codes indicate substantial data collection that your privacy team needs to account for. Your visitor data is being used to build cross-device identity profiles that bridge web and CTV — a processing activity that most privacy policies do not adequately disclose. If your visitors are in the EU, linking their website behavior to television viewing constitutes combining data from separate processing contexts, requiring specific consent under GDPR that generic cookie consent banners do not cover. The 12-script payload also adds meaningful page weight and performance overhead to your site.
Risk Channel Breakdown
TVScientific's cross-domain sync (C08) and identity resolution (C14) create a cross-device identity layer that links web visitors to CTV ad exposure. Your campaign attribution data passes through infrastructure that resolves identities across screen types, meaning TVScientific's measurement introduces an identity graph dependency that distorts your understanding of which touchpoints actually drive conversions.
Cross-domain identity sync bridges your web audience data with CTV viewing behavior across TVScientific's network. 12 scripts feeding a cross-device identity graph means your visitor intelligence — who visits your site, what they do, and which TV ads they saw — flows through shared infrastructure where it contributes to audience models available to the broader CTV advertising ecosystem.
Expands attack surface
Cross-device tracking from web to television requires explicit consent for each processing purpose under GDPR and CCPA. Identity resolution that links a website visit to a TV viewing session constitutes combining data from separate contexts — a processing activity that Article 5(1)(b) purpose limitation makes extremely difficult to justify. Behavioral biometrics (C06) collected via 12 scripts adds a biometric data layer that triggers additional compliance obligations under BIPA and GDPR Article 9.
Threat Indicators
Runtime-observed (BTI-C)
Evasion infrastructure, auditor bypass
Keystroke/mouse tracking
Identity stitching
Device identification
Long-lived identifiers
PII deanonymization
Per-code narrative explanations of what each detected behavior means for your organization
Per-code evidence with full attribution chain, severity rankings, and consequence narratives See pricing →
Claims vs. Reality
BLACKOUT analyzed TVScientific's public claims against observed runtime behavior and identified 1 contradiction.
Full claim-vs-reality gap analysis with claim text, observed behavior, severity, regulatory citations (GDPR, CCPA, ePrivacy), and evidence pointers per gap See pricing →
What To Do
4 for current users · 4 for evaluators
contractual leverage points
Role-specific actions (security / legal / marketing / procurement), full negotiation brief with contractual language, and BTI-code-specific consequences See pricing →
Supply Chain & Pairings
Full supply-chain mapping (loads / loaded-by lists with vendor identities) and the undisclosed-subprocessor list with observation evidence See pricing →