FORENSIC AUDIT TOOL

Evidence of what websites actually do.

WebSentinel produces court-ready forensic records of every privacy-relevant event a site fires, and the same detection engine powers six products covering enforcement, point-in-time audits, continuous compliance, rapid CIPA response, environmental-crime exposure, and the new patent-pending Guard module that finally makes the reject button on your cookie banner do what visitors believe it does.

6 PRODUCTS · 1 ENGINE

PRODUCTS

One engine. Six ways to use the evidence.

Every product is built on the same forensic detection core. What differs is who the buyer is, how they take delivery, the legal regime in play, and what the evidence is for. Select a product for the full scope and pricing.

DIFFERENTIATION

Coverage incumbents cannot match.

PRIVACY VECTOR LANDSCAPE COVERAGE

OneTrust, TrustArc, Cookiebot, Ensighten, Usercentrics: 5–10%
WebSentinel: 100%, plus supply-chain integrity layer

The incumbent compliance vendors grew out of cookie-banner deployment. Their technical floor is shallow because that was never their core capability. Cookie-jar scrape captures roughly five to ten per cent of what a modern web page actually does to the visitor. Everything beyond that — runtime fingerprinting, sensor access, timing side channels, worker-side network traffic, supply-chain mutations — is invisible to them.

WebSentinel covers the complete privacy vector landscape and adds the supply-chain integrity layer needed to detect silent post-deployment changes. When the regulator asks, when opposing counsel asks, when the board asks — the answer is grounded in evidence the auditor controls, not in self-attestation by the team that deployed the code.

PATENT PENDING · WORLD FIRST

Your cookie banner has been lying for twenty years.

WebSentinel Guard is the first product on the market that gives a first-party publisher real control over the cookies a third party has written to the visitor's browser. It removes those cookies the moment the visitor withdraws consent and blocks new ones at write time. That is the consent state every visitor has assumed they were getting when they click Reject and which, twenty years into the cookie banner industry, they have never actually had.

WHY THE CMP INDUSTRY HAS NEVER FIXED THIS

Same-origin principle - cookies can only be removed by the party that set them.

Cookie deletion in the browser is governed by the same-origin principle, a security rule from the late 1990s/early 2000s that limits cookie deletion to the party that wrote the cookie, so when a third-party tag fires from doubleclick.net and sets a cookie at the doubleclick.net origin, only doubleclick.net can delete it. The Consent Management Platform running on the first-party domain has no way to reach across origins, and that limit applies just as much to OneTrust, TrustArc, Usercentrics, CookieYes and every other CMP that has shipped since the cookie banner industry began.

The industry has built and sold this product knowing full well that it cannot do what it claims, because when the visitor clicks Reject after pageload, the third-party cookies that were already set remain on the browser, the data inside them remains too, and the visitor walks away believing their data has been deleted while every one of those third parties continues to track them on the next request.

CONSUMER PROTECTION EXPOSURE

Deception under consumer-protection law.

A reasonable visitor who clicks Reject expects the cookies to be deleted, because that is what Reject means in plain English. Where the cookies actually remain, and the visitor's data continues to sit in them, continues to identify the visitor and continues to flow to the third party on the next request, the operator of the website is representing something to the visitor that is simply not true.

In US consumer law that is a deceptive act or practice under section 5 of the Federal Trade Commission Act, and in EU consumer law it is a misleading commercial practice under the Unfair Commercial Practices Directive (2005/29/EC) implemented across every member state, with both regimes treating deception about a material attribute of a service as actionable. The exposure sits on every operator that has deployed an incumbent CMP, and it does not need regulator action to land in court, because a class-action plaintiff in the United States, a national consumer authority in any EU member state, or an advertising-standards regulator can act on the documented gap between what the cookie banner represents and what the browser actually contains.

Guard closes that gap by giving the first-party publisher real control over third-party cookies, so for the first time the reject button on a cookie banner actually produces the cookie state the banner has been claiming for the past twenty years.

PROVENANCE

Cookie consent exists in EU law because of Alexander Hanff.

Article 5(3) of Directive 2002/58/EC was rewritten by Directive 2009/136/EC following a multi-year civil-society campaign Alexander Hanff led against Phorm, the UK ISP-level deep-packet-inspection programme that intercepted subscriber browsing traffic without consent. Privacy International recruited him on the strength of that campaign, and in his role there he went on to represent civil society at the European Commission round-tables that debated the consent mechanism for the new directive across twelve months of negotiations, sitting opposite the advertising and ISP industries. He walked out of the final session in protest over the Chair, Robert Madelin, failing to chair the process objectively. The directive went on to introduce the cookie-consent requirement that the entire Consent Management Platform industry has been built around for the last fifteen years.

In the sixteen years since, he has worked as a consultant and adviser inside organisations of every size, watching every CMP product on the market promise enforceable consent and fail at the most basic technical requirement, which is removing the third-party cookies the visitor has just rejected. The industry has had fifteen years to fix this and never did, which is why WebSentinel Guard exists, built by the person who put cookie consent into EU law in the first place and who has spent the last decade and a half watching the industry try and fail to honour it.

WHY DEPTH MATTERS

Independent evidence, every surface, every release.

Privacy and compliance teams are expected to certify that their organisation complies with applicable law across every digital property. In practice they rely on stakeholders with competing incentives to self-report what runs and where. Marketing deploys tags through a tag manager without privacy review. Engineering ships third-party SDKs without disclosing them in the data-flow register. Vendors add sub-processors without notifying the customer. Tag managers can mutate silently after deployment.

WebSentinel closes that information asymmetry. Every finding is timestamped, attributed to the responsible script with full call stacks, and assembled into evidence suitable for legal and compliance use. Every scan is reproducible. Every export carries chain-of-custody metadata. The output is forensic-grade by default, not by upgrade.

The same evidentiary discipline serves every side of the table. Plaintiff litigators and regulators need natural, unstaged evidence a court will accept. Defendants facing active CIPA exposure need that same evidence on an urgent, litigation-driven timeline. In-house privacy teams need continuous independent ground truth they can act on. Organisations commissioning a point-in-time assessment need a defensible record with no commitment. And, newly, claimants and defendants under the Environmental Crimes Directive need the carbon cost of unlawful processing quantified to an evidentiary standard. Every one of them sits on the same forensic core.

The detection engine is the moat. Nobody else doing compliance work has built it at this depth, because it requires privacy-research competence the adtech-adjacent vendors do not have.

CIPA & ENVIRONMENTAL CRIMES DIRECTIVE

Questions we are asked daily.

Two regimes are driving most of the inbound right now: the California Invasion of Privacy Act (CIPA) and the EU Environmental Crimes Directive. Here is what they mean and how the evidence works.

What is the California Invasion of Privacy Act (CIPA)?

CIPA — California Penal Code §§ 631, 632 and 638.51 et seq. — prohibits intercepting or recording a communication without the consent of all parties. The plaintiff bar now applies it to website session-replay, chat interception and third-party tracking, where civil exposure routinely reaches eight figures per matter.

Is session replay a CIPA violation?

Session-replay tools that capture keystrokes, mouse movement, form-field input and scroll behaviour and route them to a third party can engage CIPA's wiretapping and pen-register provisions where the visitor has not consented. WebSentinel records exactly what is captured, the destination party, and the consent state at the moment of capture.

What evidence does WebSentinel produce for a CIPA claim?

A cryptographically signed, hash-chained capture showing each interception, the destination party, the data category and the consent baseline — scanned from a California IP so it reflects what a California visitor actually receives. It supports both plaintiff filings and defendant response, with an optional expert witness statement.

What is the EU Environmental Crimes Directive?

The Environmental Crimes Directive is the EU framework that criminalises conduct causing substantial environmental damage. It broadens the categories of criminal environmental offences and raises penalties for in-scope undertakings across the Union.

How can website tracking be an environmental crime?

Pre-consent data processing transfers and stores data the visitor never agreed to. At population scale that unnecessary processing carries a measurable energy and carbon cost. Where the underlying processing is unlawful under ePrivacy/GDPR and the environmental impact is substantial, it can fall within the scope of the Environmental Crimes Directive. This is an emerging area of exposure, and WebSentinel is the only platform that can quantify it from forensic capture.

How is the carbon cost quantified?

Using established, peer-reviewed methodology — the transfer-energy figures of Pärssinen et al. (2018), Science of The Total Environment, combined with EU grid-emissions factors — applied to the exact pre-consent payloads captured during the forensic audit.

Is the evidence admissible in court?

Every record is signed against a per-machine ECDSA-P256 keypair, hash-chained so any post-capture tampering is detectable, and timestamp-anchored via OpenTimestamps against the Bitcoin-confirmed calendar — so the audit timestamp is verifiable independently of WebSentinel and the operator.
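How hash-chaining makes post-capture tampering detectable, as an added example that is not WebSentinel's code or record format. The record layout, field names, genesis value and sample events are assumptions constructed for illustration. Signing and timestamp anchoring are left out: in a scheme like this, the final digest is the value a signature and an external timestamp would cover.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value preceding the first record

# Constructed sample capture events (not real scan output).
SAMPLE_EVENTS = [
    {"type": "cookie_write", "party": "tracker.example", "consent": "none"},
    {"type": "request", "party": "cdn.example", "consent": "none"},
    {"type": "cookie_write", "party": "ads.example", "consent": "rejected"},
]

def record_hash(prev_hash, body):
    # Canonical JSON so the same record always yields the same digest.
    canon = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + canon).encode("utf-8")).hexdigest()

def build_chain(events):
    # Each record commits to its own body and to the previous record's hash.
    chain, prev = [], GENESIS
    for seq, event in enumerate(events):
        body = {"seq": seq, "event": dict(event)}
        digest = record_hash(prev, body)
        chain.append({"body": body, "prev": prev, "hash": digest})
        prev = digest
    return chain

def first_broken_link(chain, expected_head=None):
    """Return the index of the first record that fails verification,
    len(chain) if only the head digest mismatches (e.g. truncation),
    or None if the chain is intact."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        ok = (
            rec["body"].get("seq") == i
            and rec["prev"] == prev
            and record_hash(prev, rec["body"]) == rec["hash"]
        )
        if not ok:
            return i
        prev = rec["hash"]
    # The head digest must be held outside the chain (signed, timestamped),
    # otherwise dropping trailing records would go unnoticed.
    if expected_head is not None and prev != expected_head:
        return len(chain)
    return None
```

Editing a record and recomputing its own hash only moves the break to the next record, which is why the head digest has to be fixed by something the editor of the records does not control.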

How is this different from a cookie scanner or CMP?

Cookie-banner and CMP tools capture roughly 5–10% of what a modern page does. WebSentinel covers the full privacy-vector landscape plus the supply-chain integrity layer — runtime fingerprinting, sensor access, worker-side traffic, session replay and the silent post-deployment changes the incumbents cannot see.

Why can no CMP delete third-party cookies once they have been set?

Browser security limits cookie deletion to the party that wrote the cookie - this is the same-origin principle, in place since the late 1990s/early 2000s, and it means a third-party tag fires from a third-party domain, sets a cookie at that origin, and only that origin can delete it. A Consent Management Platform running on the first-party domain has no way to reach across origins, and that limit applies to OneTrust, TrustArc, Usercentrics, CookieYes and every other CMP on the market.

What is the consumer-protection risk of an incumbent CMP?

A reasonable visitor who clicks Reject expects the cookies to be deleted, and when they are not, when the visitor's data continues to flow to the third party, the operator of the website is representing something to the visitor that is simply not true. In US consumer law that is a deceptive act or practice under section 5 of the Federal Trade Commission Act, and in EU consumer law it is a misleading commercial practice under the Unfair Commercial Practices Directive (2005/29/EC) implemented across every member state, with both regimes treating deception about a material attribute of a service as actionable.

What is WebSentinel Guard?

WebSentinel Guard is a patent-pending world-first technology that gives a first-party publisher real control over third-party cookies, blocking new third-party cookie writes at write time and removing existing third-party cookies the instant the visitor revokes consent. It ships free with every WebSentinel SaaS subscription.

NEXT STEP

Tell us what you need to prove.

Enforcement matter, urgent CIPA response, continuous monitoring, a point-in-time assessment, or Environmental Crimes Directive exposure — describe the scope and we will come back with the right product and a way forward.

For class-action litigators, regulators, legislators, and individuals who need forensic evidence to file claims, develop enforcement measures, or close legislative gaps.

PRICING

Priced per matter

Engagement scope, evidentiary depth and timeline determine the fee. Contact us for a quote.

For organisations that want an independent third-party assessment of a specific property or campaign, without taking on a SaaS commitment.

PRICING

€749 per 10 web pages

Report only, no evidence bundles

Optional: + €20,000 for an expert witness statement

Page count rounds up to the next whole bracket of 10. For Single-Page Applications, the page count is determined by menu items: an SPA with 15 menu links is 15 pages.

For in-house privacy and compliance teams (CPOs, DPOs, GCs, CISOs) at mid-to-large regulated organisations who cannot rely on stakeholder self-attestation.

PRICING

Monthly or annual subscription, volume-based

Contact us for a portfolio-based quote.

For defendants and their counsel facing active or imminent California Invasion of Privacy Act (CIPA) claims who need court-grade evidence on an urgent, litigation-driven timeline.

PRICING

Premium engagement — priced per matter

Urgent intake. Pricing reflects expedited scheduling and litigation-grade deliverables.

For claimants, class-action firms and defendants under the EU Environmental Crimes Directive, where unlawful pre-consent data processing carries a measurable environmental impact at scale.

PRICING

Premium engagement — priced per matter

A new and developing area of criminal exposure. Pricing reflects bespoke quantification and litigation-grade deliverables.

For publishers, brands and platforms that need the reject button on their cookie banner to do what visitors believe it does, blocking new third-party cookies and removing the ones already set on the browser the moment consent is withdrawn.

PRICING

Free with WebSentinel SaaS

Included at no extra cost in every WebSentinel SaaS subscription. Patent pending. Currently available only in WebSentinel SaaS, with a standalone Consent Management console arriving in Q3/Q4 2026.
