Insights & Analysis
Insights on data privacy, compliance, and website security.
Current view
Quarterly Risk Report – Q1 2026
The digital privacy landscape is in constant motion, shaped by new litigation, shifting regulations, and rapid changes in tracking technology. This quarter’s report delivers a clear, data-backed look at where the risks are rising and how businesses can respond before they face legal or reputational fallout.
When you outsource a website redesign, you can delegate the labor, but you can’t delegate the legal liability. Between "piggybacking" scripts hidden within third-party tools and "Shadow IT" tags added post-launch, your site can easily become a playground for unauthorized data collection.
Companies believe they have control over data collection through policies, consent tools, and governance, but in practice, they lack visibility into what actually executes in the browser. Modern websites are dynamic and constantly changing, creating a growing gap between intended behavior and real data flows. Without continuous, real-time insight and control at the point of collection and execution, organizations are operating on assumptions, leaving them exposed to unseen risk and liability.
Global Privacy Control (GPC) has evolved from a niche browser setting into a critical legal mandate that regulators now enforce through "outside-in" technical audits. It is no longer enough to have a compliant privacy policy; organizations must ensure their website’s code actually honors these automated opt-out signals at the network layer to avoid costly settlements and misrepresentation charges. Lokker bridges this gap by providing real-time, network-layer enforcement that blocks unauthorized data flows and generates the technical evidence required to prove that a company’s privacy promises match its actual website behavior.
We were proud to join our partners at Marsh and Troutman Pepper for an in-depth discussion on evolving privacy regulations and the growing risks surrounding website tracking technologies. Hear from our CEO, Ian Cohen, alongside leading experts in privacy law and cyber-risk, as they discuss practical strategies organizations can take today to mitigate regulatory exposure […]
Cross-Functional Issues with Data Privacy As privacy regulations rapidly evolve and enforcement intensifies, organizations are discovering that managing data privacy cannot be confined to the legal department alone. Cross-functional collaboration—between legal, engineering/IT, marketing, and privacy teams—is no longer optional. This outlines the key challenges, misalignments, and practical strategies organizations can adopt to build aligned, effective […]
Background In 1988, while being confirmed as a Supreme Court justice, Robert Bork’s video rental records were published by the Washington City Papers. Soon after, Congress passed the Video Privacy Protection Act of 1988. This is a U.S. federal law meant to protect the privacy of consumers' video rental history. It prohibits video service providers […]
The New York Health Information Privacy Act (NY HIPA) is a new law aimed at strengthening the privacy and security of health-related information for New York residents. Enacted on January 22, 2025, NY HIPA introduces comprehensive regulations governing the collection, processing, and sharing of health data. As of now, this bill has passed the New […]
Why is Privacy So Challenging? LOKKER CEO Ian Cohen, along with Foley attorneys Jennifer Urban and Aaron Tantleff, presented at the Midwest Cyber Security Alliance to discuss the significant shifts in data privacy that are creating new challenges for businesses. The discussion covered key privacy hurdles, including: This session explores these challenges from legal, marketing, […]
Avoid these common mistakes businesses make when setting up Consent Management Platforms (CMPs), from inconsistent web scanning to misclassifying cookies. Avoid non-compliance, protect user data, and maintain trust by ensuring your cookie consent banner meets privacy regulations.
This article highlights the technical limitations of Consent Management Platforms (CMPs), revealing how many fail to block cookies or track user consent as promised fully. It provides insights into hidden compliance risks and offers guidance on how companies can ensure their consent banners meet privacy regulations.
Explore the deceptive use of dark patterns in cookie consent banners, including how these tactics manipulate users into giving consent. It also discusses the costly consequences for businesses, including violations of privacy laws and the erosion of user trust.
Implementing proper data privacy practices is more than just a legal obligation; its a key avenue for enhancing consumer trust. Find out the best data privacy tools to keep your organization safe.