On-demand webinar

Going beyond “reasonable security measures” to align with CCPA and GDPR

Don’t let third-party code (continue to) steal your customer information.

While 2018 was the year of GDPR, the new California Consumer Privacy Act (CCPA) is coming in 2020 and chances are your web apps are still not fully compliant. Both of these privacy regulations require that businesses take adequate precautions to protect customer information and prevent unauthorized access. Unfortunately, third-party tags or scripts in your web apps make it difficult to comply with this requirement.

All third-party code included in your web apps executes in the browser and has access to the same cookies and form fields that your first-party code does, leaving your customers’ data at risk for exfiltration through formjacking or cookie stealing. If you don’t take steps to prevent third parties from accessing sensitive information that customers enter on your website, you won’t be compliant, and worse yet, could see massive fines in line with what British Airways experienced.

The unfortunate reality is that the web was not built with privacy in mind, but there are ways to secure your customer data.

In this webinar, we'll cover:

  • The current ‘backdoors’ that exist in your web apps due to third-party code
  • Why existing tag management and security measures are not enough
  • How to defend customer information from being leaked by your web apps


Andy Wyatt

Senior Technologist, Instart