Data Forensics Analyst — Privacy & Ad-Tech Litigation

Posted 2 months ago

Worldwide

Summary

We build and run consumer-protection litigation campaigns — mass arbitration and class actions targeting unlawful website tracking, undisclosed data sharing, and broken consent. The evidence that makes or breaks those campaigns is technical: what a website actually transmits, to whom, when, and whether the user ever meaningfully agreed. You will produce that evidence. Specifically, you'll author defensible, reproducible forensic reports documenting third-party tracker behavior and consent mechanisms on consumer websites and apps — the kind of report a litigation team can build a demand letter, complaint, or expert declaration on top of, and that holds up when opposing counsel pushes back. This is a facts role, not a legal-conclusions role. You document precisely what the technology does and preserve the proof. Our attorneys characterize it under CIPA, VPPA, the multi-state wiretap stack, and UDTP statutes. The cleaner the line you hold between "here is what fired and what it carried" and "here is what that means legally," the more useful your work is. ## What you'll produce Reports in the mold of our existing work product — e.g., a tracker-and-consent analysis of a travel-booking site, or a pixel-history reconstruction of a lending site. A typical report includes: - An executive summary stating, in plain terms, what data went where and whether consent was obtained - A methodology section detailed enough that a third party can reproduce the capture - Technical findings: trackers detected, data fields transmitted, sensitivity classification, and the raw request payloads that prove it - A consent-mechanism analysis: what the CMP did or didn't do, and when - A preserved, hash-verified evidence appendix with a file manifest and independent verification steps Each report is a standalone evidentiary artifact: case reference, version, classification, analyst attribution, UTC timestamps, and a chain of evidence that survives scrutiny. ## What you'll do - Capture network traffic at the protocol level (Chrome DevTools Protocol / HAR) and via headless and headed browser automation (Playwright, Chromium, Brave), across authenticated and unauthenticated sessions, with clean-profile baselines and controlled geo/VPN conditions - Detect and decode third-party trackers — Meta Pixel, Google Ads/DoubleClick/Floodlight, Microsoft UET, The Trade Desk, Adobe/demdex, Criteo, TikTok, AdRoll, Impact Radius, Heap, and others — and explain exactly what each parameter carries - Identify transmitted PII and persistent identifiers (account IDs, session GUIDs, `fbp`/`auiddc`/ECID, listing/application IDs) and classify sensitivity - Read the consent layer: CMP initialization state and timing (e.g., OneTrust SDK load vs. `window.OneTrust`/`OptanonActiveGroups` state), consent cookies, and platform consent flags (`coo`, `cdl`, `npa`, `cdb`) that independently corroborate whether consent existed at transmission time - Reverse out tag-manager firing logic (e.g., Tealium `utag.js` load conditions) to show what gates a pixel — URL path, event, or an actual consent check - Reconstruct historical tracker deployment using the Wayback Machine and archived configs, building dated timelines of pixel IDs, events, and consent posture - Inspect cookies (1st- vs 3rd-party, persistence, purpose), CSP whitelists, source maps, and SDK/API transmissions - Preserve evidence rigorously: hash-verified captures, raw payloads keyed to HAR entry numbers, screenshots, and copy-paste verification commands (e.g., `curl` against an archived asset) - Write clearly for a legal audience and stand behind your findings; support attorneys preparing declarations or responding to challenges

  • More than 30 hrs/week
    Hourly
  • 6+ months
    Duration
  • Expert
    Experience Level
  • $20.00

    -

    $50.00

    Hourly
  • Remote Job
  • Ongoing project
    Project Type

Contract-to-hire opportunity

This lets talent know that this job could become full time.
Learn more
Skills and Expertise
Mandatory skills
Information Security
Digital Forensics
Activity on this job
  • Proposals:20 to 50
  • Last viewed by client:4 weeks ago
  • Hires:
    3
  • Interviewing:
    7
  • Invites sent:
    13
  • Unanswered invites:
    1
About the client
Member since Dec 5, 2016
  • United States
    Brooklyn5:02 AM
  • $108K total spent
    179 hires, 31 active
  • 4,320 hours

Explore similar jobs on Upwork

Cybersecurity Expert for IoT and Hardware HackingFixed-price‐ Posted 1 month ago
C
C++
Internet of Things
Lead Generation
Internet Marketing
Cloud Computing
Cloud Security Framework
Network Security
Solution Architecture
Security Infrastructure
Application Security
Security Engineering

How it works

  • Post a job icon
    Create your free profile
    Highlight your skills and experience, show your portfolio, and set your ideal pay rate.
  • Talent comes to you icon
    Work the way you want
    Apply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
  • Payment simplified icon
    Get paid securely
    From contract to payment, we help you work safely and get paid securely.
Want to get started? Create a profile

About Upwork

  • Rating is 4.9 out of 5.
    4.9/5
    (Average rating of clients by professionals)
  • G2 2021
    #1 freelance platform
  • 49,000+
    Signed contract every week
  • $2.3B
    Freelancers earned on Upwork in 2020

Find the best freelance jobs

Growing your career is as easy as creating a free profile and finding work like this that fits your skills.

Trusted by

  • Microsoft Logo
  • Airbnb Logo
  • Bissell Logo
  • GoDaddy Logo