Top American banks have significant gaps in GDPR website compliance

GDPR affects all companies that engage with EU citizens, even if they have no physical presence in the EU, but a new study reveals that some major US firms still have websites that don’t comply. The research by digital threat management company RiskIQ looks at 25 of the 50 largest banks in the US (as of 2017) and finds significant security gaps in personally identifiable information (PII) collection. Per organization, RiskIQ has identified an average of 1,891 insecure login forms, 1,663 pages collecting PII insecurely, 1,326 EU first-party cookie violations and 1,265 EU third-party cookie violations. "PII discovery, inventory, and… [Continue Reading]