NT Analyzer Refresher:  Why Network Traffic Analysis?

Keeping track of where all the data is going can be devilishly difficult for companies, given the increasingly data-centric economy, massive changes in browser/mobile platforms, and the necessary use of a variety of modularized services and hosted solutions to make any website or mobile app function properly. All of these vendors/partners have the potential—often a propensity—to over-collect personal information. To make matters worse, companies must now confront sophisticated regulators, aggressive plaintiffs’ class action lawyers (VPPA, Wiretap, Pen Register, etc.), and self-appointed privacy watchdogs seeking to exploit alleged privacy failures.

In light of the increased risks, companies have a pressing need to ascertain what data third parties collect from their online properties. The list of third-party vendors/partners potentially receiving data is a long one: ad tech providers, data management platforms, analytics solutions, widget/content providers, CDNs, email providers, push notification vendors, crash reporting services, payment services, and the list goes on. 

Network traffic analysis—which involves conducting a robust sampling of the full-stream of data transmitted by a mobile app or website—offers chief privacy officers and legal departments (1) a full line-of-sight view into the data collection behaviors of all the vendors and partners mentioned above and (2) a complete picture of the data collected by the company’s own servers. Most of the compliance solutions available to companies today are limited and do not surface the relevant information. If companies want to know which third parties collect hashed email addresses, device IDs, IP address, precise geo-location, or any other data elements, analyzing network traffic is the best methodology because “the network packets don’t lie.”

We have been conducting network traffic analysis for clients at Norton Rose Fulbright for years using NT Analyzer. Our clients have included publishers, retailers, health care providers, financial institutions, airlines, mobile game companies, and clients in other industries. In addition, we have tested everything from websites and mobile apps to Bluetooth-connected shoes, smart-driving services, and OTT apps for streaming sticks.

NT Analyzer—Current and New Features:

Our team recently made dramatic changes in our testing platform to provide additional features, speedier throughput, and analytical capabilities to help clients protect themselves in this increasingly risky environment. All testing is conducted under Attorney-Client Privilege. Our current and new features of NT Analyzer include:

  • AI-Powered Full Overview of All Network Connections (new) (“Overview”): The Overview feature provides every third party’s remote host name, company name, and a description of the third party’s roles and functions. The Overview test can help answer questions like whether there are “sales”/”shares” on the site and spot legacy tech that should be removed. We previously relied on our internal database of hosts-to-companies but have now supplemented the list with AI input across the entire list of observed parties.
  • Term/String Detection (“Detections”): The Detections test takes a dictionary of high-value known information—email address, phone numbers, username, etc.—and determines where the raw values, as well as hashed or encoded versions of the raw values, are transmitted. The Detections test is vital for minimizing risk under the VPPA, Wiretap, and Pen Register laws. 
  • Full Key-Value Pair Dump (new) (“KV”): The KV feature isolates every parameter that is transmitted in captured network requests (i.e., query string and payload) and places them in a de-duplicated searchable table. The results of the KV test are useful for companies who want to see every piece of data transmitted.
  • AI-Powered Analysis of Query Strings and Payloads (new): The KV test also includes a tailored AI feature to analyze the key-value pair dump referenced above to identify probable use-cases and privacy concerns.
  • Cookies and Local Storage: The tool captures all cookies and HTML5 storage, on a party-by-party basis, together with the duration of cookies, enabling legal review and analysis.
  • AI-Powered Privacy Analysis of Cookies/Local Storage (new): This test also includes a tailored AI feature to analyze cookies and local storage to surface probable use-cases and privacy concerns.
  • AI-Powered Subject Matter Analysis (new): Tailored AI features review all the data transmitted and then flags specific transmissions based on certain subject matter categories:
    • Health-Related—Health conditions, treatments, drugs, diagnoses, medical providers, etc.
    • Financial—Accounts, payments information, load products, insurance, bank references, etc.
    • Sensitive Data—Sexual orientation, ethnicity, union membership, etc.
    • Browsing Data—Identifies instances where browsing history, content, or metadata is shared with third parties
  • Testing Opt-Outs (new): The Opt-Out tool now provides clients the option of doing A/B style testing to determine which parties receive opt out signals and what those signals are. For those parties that must use TCF because they are in the EU or UK, we have the ability to unwrap the signal for subsequent analysis.
  • Mitigation Recommendations: NT Analyzer’s rich testing outputs allow us to flag issues and provide thoughtful mitigation strategies from a technical and legal perspective.

Beating the Odds

Today’s challenging regulatory and litigation environment does not have to mean outsized risk.  A company using periodic network traffic analysis with a powerful platform like NT Analyzer can spot and address issues before they become liabilities.

Contact us to Request a Demo