OWASP Privacy Risk Countermeasures
OWASP is the acronym for the Open Web Application Security Project.
Overview
The OWASP Top 10 Privacy Risks Project provides a top 10 list for privacy risks in web applications and related countermeasures.
It covers technological and organizational aspects that focus on real-life risks, not just legal issues.
The Project provides tips on how to implement privacy by design in web applications with the aim of helping developers and web application providers to better understand and improve privacy.
The list uses the OECD Privacy Guidelines as a framework and can also be used to assess privacy risks associated with specific web applications.
The list supports solid web application security for complying with the GDPR (General Data Protection Regulation, enforceable on May 25, 2018).
The following Top 10 Privacy Risks are listed by importance, 1 being the gravest privacy risk.
1. Web Application Vulnerabilities
2. Operator-sided Data Leakage
3. Insufficient Data Breach Response
4. Insufficient Deletion of personal data
5. Non-transparent Policies, Terms and Conditions
6. Collection of data not required for the primary purpose
7. Sharing of data with third party
8. Outdated personal data
9. Missing or Insufficient Session Expiration
10. Insecure Data Transfer