OWASP published Top 10 Privacy Risks for Web Applications:
- Web Application Vulnerabilities
- Operator-sided Data Leakage
- Insufficient Data Breach Response
- Insufficient Deletion of personal data
- Non-transparent Policies, Terms and Conditions
- Collection of data not required for the user-consented purpose
- Sharing of data with third party
- Outdated personal data
- Missing or Insufficient Session Expiration
- Insecure Data Transfer
Further details are provided on the project website.