April 23, 2024

The ISL Domain Data Privacy Risk Dictionary provides privacy risk scores for subdomains found in ISL research (such as the 2022 US K-12 EdTech Safety Benchmark).

The subdomain privacy risk score is calculated from a multi-part formula reflecting Risk Impact plus Risk Likelihood. Risk Impact and Risk Likelihood are both scored from -1 (lowest risk) to -4 (highest risk), and then added together. The final score is normalized into a range from -1 (lowest risk) to -4 (highest risk).

Risk Impact is directly proportional to the type of data involved in the functions provided at the domain/subdomain, based on the subdomain’s category/subcategory and tag information. The more sensitive the personal information, the higher the Risk Impact.

Risk Likelihood is the likelihood of the responsible company sharing or monetizing personal information. This was calculated using the following subdomain characteristics: 

       a.     The subdomain’s primary industry category, subcategory and tags. Categories known to monetize personal information (such
               as Advertising / Marketing) received in higher Risk Likelihood. [Source: online research]  

       b.     The subdomain company’s Privacy Risk Score. [Source: ISL Company Privacy Risk Dictionary] 

ISL provides this data as an informational tool reflecting research at this point in time–version 2.0 published on 4/23/24. Please contact us at contact@internetsafetylabs.org if you have questions or corrections.  

This work is licensed under the Creative Commons Attribution-NonCommercial 4.0 International License.

Open Domain Risk Dictionary