The Sovy GDPR scan

TL;DR

The Sovy GDPR scan calculates a privacy score for your website. The Sovy GDPR scan gives too low privacy scores for websites that do not process any personal information at all and for websites that are not based on Wordpress. This privacy score should therefore be seen as a rough first indication, which can be discussed in most cases.

 

Contents

  1. Introduction
  2. Method of measurement
  3. Speed tests to test
  4. The measurements
  5. Conclusions
 

Introduction

Privacy is an huge factor in the GDPR. Hence we try the Sovy GDPR scan to find out, to what extent the GDPR rules are complied with.

Sovy scans for various privacy aspects, such as:

  1. Lawful Basis
  2. Transparancy
    1. Contact point, required by GDPR Article 13(1)(a) (...) contact details of the controller (...)
    2. Description of personal data collected, required by GDPR Article 14(1)(d) (...) the categories of personal data concerned (...)
    3. Purposes for processing personal data, required by GDPR Article 13(1)(c) (...) the purposes of the processing for which the personal data are intended as well as the legal basis for the processing (...)
    4. Recipients (or categories of recipients), required by GDPR Article 13(1)(e) (...) the recipients or categories of recipients of the personal data, if any (...)
  3. Rights
    1. Rights notice, required by GDPR Article 13(2)(b) (...) the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability (...)
    2. Rights enablement, required by GDPR Article 13(2)(b) (...) the existence of the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability (...)
    3. Right to lodge a complaint with DPA, required by GDPR Article 13(2)(d) (...) the right to lodge a complaint with a supervisory authority (...)
  4. Security
    1. SSL (is the communication to the website encrypted)
    2. Secure Email (is there a service that shields your e-mailaddress)
    3. Plugins (are there plugins that help secure your website, like Jetpack or Wordfence)
    4. Privacy Compliance (is there a consent management system)

It is important to note that Sovy uses this disclaimer: This Privacy Score reflects how well we believe your website meets GDPR requirements. That said, our algorithm could miss parts of your privacy notice and technical components of your website that you actually have, or vice versa. This report should not be taken as legal advice..

 

Method of measurement

For this test we submit the link of the speed test and the link of the privacy policy.

 

Speed tests to test

Because this is a relative simple test (even if the test takes a long time), the unique speed tests as collected at ZOMDir will be tested.

 

The measurements

  1. Astound speedtest has a privacy score of 55% (yellow)
  2. Bandwidth Place has a privacy score of 35% (red)
  3. Bredbandskollen has a privacy score of 60% (yellow)
  4. Broadband Speed Checker has a privacy score of 50% (red)
  5. Cloudflare has a privacy score of 80% (yellow)
  6. Comparitech has a privacy score of 55% (yellow)
  7. DSLReports has a privacy score of 35% (red)
  8. Fast has a privacy score of 55% (yellow)
  9. Fireprobe has a privacy score of 30% (red)
  10. Google Fiber has a privacy score of 65% (yellow)
  11. Internet Speed at a Glance has a privacy score of 35% (red)
  12. LibreSpeed has a privacy score of 25% (red)
  13. M-Lab has a privacy score of 70% (yellow)
  14. Meter.net has a privacy score of 35% (red)
  15. N Perf has a privacy score of 60% (yellow)
  16. Ookla Speedtest has a privacy score of 70% (yellow)
  17. Open Speed Test has a privacy score of 55% (yellow)
  18. SamKnows has no pricacy score, the scan has stopped Our scan is unable to process your website. This may be due to your security settings
  19. SpeedCheck has a privacy score of 75% (yellow)
  20. SpeedOf.me has a privacy score of 45% (red)
  21. SpeedOf.me API Sample Page has a privacy score of 45% (red)
  22. SpeedSmart has a privacy score of 50% (red)
  23. Speedtest4.PHP has no pricacy score, the scan has stopped Our scan is unable to process your website. This may be due to your security settings
  24. TestMy.net has a privacy score of 45% (red)
  25. Toast has no pricacy score, the scan has stopped Our scan is unable to process your website. This may be due to your security settings
  26. Which Broadband Speed Test has a privacy score of 65% (yellow)
  27. Xfinity xFi Speed Test has no pricacy score, the scan has stopped Our scan is unable to process your website. This may be due to your security settings

The bar chart below clearly shows the Sovy privacy score for the successfully tested speed tests.

A bar graph with the privacy score according to Sovy

 

Conclusions

It was not possible to calculate a privacy score for the speed tests SamKnows, Speedtest4.PHP, Toast and Xfinity xFi Speed Test.

Based on the speed tests with a privacy score, we conclude that:

  1. The minimum privacy score is 25%
  2. The maximum privacy score is 80%
  3. The average privacy score is 52%
  4. The median of the privacy score is 55%

In general, we think it is good that Sovy has a disclaimer on the website. We believe that Sovy gives too low privacy scores for websites that do not process any personal information at all and for websites that are not based on Wordpress. This privacy score should therefore be seen as a rough first indication, which can be discussed in most cases.

Based on the results of the Sovy GDPR scan, we do not dare to say whether or not a speed test is privacy-friendly.