What Makes a Website “Least Private”?
A low privacy score indicates multiple compounding issues: excessive third-party tracking, missing security headers, lack of HTTPS enforcement, browser fingerprinting, and irresponsible cookie practices. The websites on this list score poorly across most or all of these categories, making them the highest-risk domains in our dataset.
The Compliance Risk of Low-Privacy Vendors
For compliance officers and vendor risk teams, a domain appearing on this list is a red flag. Under GDPR Article 28(1), data controllers may only engage processors that provide “sufficient guarantees” that appropriate technical and organisational measures are in place. A vendor whose own website fails basic privacy checks may lack the organizational maturity to provide those guarantees for the data it processes on your behalf.
SOC 2 and ISO 27001 auditors increasingly examine vendor web properties as part of their assessment. A website with a failing privacy grade suggests gaps in the vendor's security posture that may extend beyond their public-facing properties into their infrastructure and data handling practices.
How Privacy Scores Are Calculated
Gecko Advisor calculates privacy scores on a 0-100 scale by starting at 100 and deducting points in five categories: tracking scripts (up to -50 points), security headers (up to -45 points), third-party connections (up to -15 points), cookie practices (up to -10 points), and compliance signals (up to -5 points). The category caps sum to 125, so a domain that fails every category bottoms out at 0 rather than going negative. Each deduction is evidence-based: every point lost corresponds to a specific, verifiable finding such as a named tracking script, an absent header, or a cookie set before consent.
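The following is an added worked example of this scoring model, written for this page; it is not Gecko Advisor's own code. The category caps are the ones stated above; the per-finding point values, the Finding structure, and the sample scans are assumptions made for illustration. It shows how findings accumulate per category, how the caps and the floor at 0 apply, and how every lost point stays traceable to its evidence.

```python
from dataclasses import dataclass

# Maximum deduction per category, as stated on this page (0-100 scale, deductions only).
CATEGORY_CAPS = {
    "tracking_scripts": 50,
    "security_headers": 45,
    "third_party_connections": 15,
    "cookie_practices": 10,
    "compliance_signals": 5,
}


@dataclass(frozen=True)
class Finding:
    category: str   # one of the keys in CATEGORY_CAPS
    points: int     # points deducted for this one finding (assumed values below)
    evidence: str   # the verifiable observation behind the deduction


def score(findings):
    """Return (score, per-category deductions) for a list of Finding objects.

    Deductions accumulate per category and are capped at that category's
    maximum; the final score is clamped at 0 so a site that fails every
    category cannot go negative.
    """
    deductions = {category: 0 for category in CATEGORY_CAPS}
    for f in findings:
        if f.category not in CATEGORY_CAPS:
            raise ValueError(f"unknown category: {f.category}")
        if f.points <= 0:
            raise ValueError("every finding must deduct a positive number of points")
        deductions[f.category] += f.points
    capped = {c: min(d, CATEGORY_CAPS[c]) for c, d in deductions.items()}
    return max(0, 100 - sum(capped.values())), capped


def evidence_report(findings):
    """Map each category to the evidence strings that cost it points."""
    report = {category: [] for category in CATEGORY_CAPS}
    for f in findings:
        report[f.category].append(f"-{f.points}: {f.evidence}")
    return report


# Constructed sample scan of a hypothetical low-privacy site. Per-finding point
# values are assumptions for illustration; the page only states the category caps.
SAMPLE_FINDINGS = [
    *[Finding("tracking_scripts", 10, f"third-party tracking script #{i}") for i in range(1, 8)],
    Finding("security_headers", 15, "Strict-Transport-Security header absent"),
    Finding("security_headers", 20, "Content-Security-Policy header absent"),
    *[Finding("third_party_connections", 2, f"request to external host #{i}") for i in range(1, 13)],
    Finding("cookie_practices", 5, "tracking cookie set before consent"),
]

# Constructed scan of a better-behaved site for comparison.
CLEAN_FINDINGS = [
    Finding("security_headers", 15, "Strict-Transport-Security header absent"),
    Finding("third_party_connections", 2, "request to external host #1"),
]

if __name__ == "__main__":
    for name, findings in (("low-privacy site", SAMPLE_FINDINGS), ("clean site", CLEAN_FINDINGS)):
        total, breakdown = score(findings)
        print(f"{name}: score {total}, deductions {breakdown}")
        for category, lines in evidence_report(findings).items():
            for line in lines:
                print(f"  {category}: {line}")
```

In the constructed low-privacy scan the seven tracking scripts would cost 70 points but are capped at 50, the twelve external hosts are capped at 15, and the total deduction of 105 is floored to a score of 0; the cleaner scan loses 17 points and scores 83.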
Interpreting These Rankings
These rankings reflect a point-in-time snapshot. Websites can improve their scores by removing unnecessary trackers, deploying security headers such as Content-Security-Policy and HTTP Strict Transport Security (HSTS), and adopting privacy-respecting analytics. We rescan domains regularly, and significant improvements are reflected in updated scores. Our change detection system tracks score movements between scans so you can monitor whether a vendor is improving or declining.
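As an added example (not Gecko Advisor's scanner), the block below shows the kind of security-header and cookie checks behind the category above, and a simple change-detection step that compares the findings from two scans of the same site. The response headers are constructed, a single Set-Cookie value stands in for what would be several headers in real traffic, and the one-year HSTS max-age threshold is an assumed policy choice.

```python
ONE_YEAR = 31536000  # assumed minimum HSTS max-age, in seconds

# Constructed response headers from two scans of a hypothetical vendor site:
# the first before any hardening, the second after headers were deployed.
SCAN_BEFORE = {
    "Content-Type": "text/html; charset=utf-8",
    "Server": "nginx",
    "Set-Cookie": "session=abc123; Path=/",
}
SCAN_AFTER = {
    "Content-Type": "text/html; charset=utf-8",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'",
    "X-Content-Type-Options": "nosniff",
    "Set-Cookie": "session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax",
}


def _hsts_max_age(value):
    """Return the max-age directive of an HSTS header as an int, or None if absent or invalid."""
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        if name.strip().lower() == "max-age":
            try:
                return int(arg.strip().strip('"'))
            except ValueError:
                return None
    return None


def header_findings(headers):
    """Return the set of header/cookie findings for one response (names are illustrative)."""
    h = {k.lower(): v for k, v in headers.items()}
    findings = set()

    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.add("missing-hsts")
    else:
        max_age = _hsts_max_age(hsts)
        if max_age is None or max_age < ONE_YEAR:
            findings.add("weak-hsts-max-age")

    csp = h.get("content-security-policy")
    if csp is None:
        findings.add("missing-csp")
    elif "'unsafe-inline'" in csp.lower():
        findings.add("weak-csp")  # minimal check; a real scanner parses every directive

    if h.get("x-content-type-options", "").strip().lower() != "nosniff":
        findings.add("missing-nosniff")

    cookie = h.get("set-cookie")
    if cookie is not None:
        attrs = {part.strip().lower() for part in cookie.split(";")[1:]}
        if "secure" not in attrs:
            findings.add("cookie-missing-secure")
        if "httponly" not in attrs:
            findings.add("cookie-missing-httponly")
    return findings


def score_movement(before, after):
    """Change detection on findings rather than on the bare score: what was fixed and what regressed."""
    return {"fixed": sorted(before - after), "regressed": sorted(after - before)}


if __name__ == "__main__":
    before = header_findings(SCAN_BEFORE)
    after = header_findings(SCAN_AFTER)
    print("before:", sorted(before))
    print("after:", sorted(after))
    print("movement:", score_movement(before, after))
```

Comparing finding sets instead of only the numeric score tells a risk team why a vendor moved: a score that rises because trackers were removed while a regression added a weak HSTS policy shows up as both a fix and a regression rather than a single net number.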
Actionable Steps for Risk Teams
If a vendor in your supply chain appears on this list, consider requesting their data processing agreement, reviewing their subprocessor disclosures, and conducting a deeper technical assessment. Our Domain Intelligence API provides programmatic access to these scores for integration into your vendor risk management workflows, enabling automated monitoring of vendor privacy posture over time.