Privacy Risk list v1.0

	A	B	C	D	E
1	No.	Title	Frequency	Impact	Risk
2	P1	Web Application Vulnerabilities	1.9	2.8	5.32
3	P2	Operator-sided Data Leakage	1.7	2.8	4.76
4	P3	Insufficient Data Breach Response	1.6	2.6	4.16
5	P4	Insufficient Deletion of personal data	2.3	1.8	4.14
6	P5	Non-transparent Policies, Terms and Conditions	2.2	1.8	3.96
7	P6	Collection of data not required for the user-consented purpose	2.1	1.8	3.78
8	P7	Sharing of data with third party	1.8	2	3.6
9	P8	Outdated personal data	1.6	2.2	3.52
10	P9	Missing or insufficient Session Expiration	1.4	2.4	3.36
11	P10	Insecure Data Transfer	1.3	2.4	3.12
12	P11	Inappropriate Policies, Terms and Conditions	1.7	1.8	3.06
13	P12	Transfer or processing through third party	1.6	1.8	2.88
14	P13	Inability of users to modify data	1.3	2.2	2.86
15	P14	Collection without consent	2	1.4	2.8
16	P15	Collection of incorrect data	1	2.4	2.4
17	P16	Misleading content	1.3	1.8	2.34
18	P17	Problems with getting consent	1.6	1.4	2.24
19	P18	Unrelated use	1.7	1.2	2.04
20	P19	Data Aggregation and Profiling	1.4	1.4	1.96
21	P20	Form field design issues	1.2	0.6	0.72
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100