ZoomInfo CEO Blocks Researcher After Documenting Pre-Consent Biometric Tracking (github.com)

A security research group published a forensic evidence pack showing ZoomInfo’s GTM Studio landing page fires extensive tracking and behavioral-biometric collection before any consent banner appears. Network captures reportedly show 50+ tracking requests and 118 unique third‑party domains on a single page load, with decoded iframe configuration revealing Sardine.ai settings like "enableBiometrics": true and "enableDNS": true, PerimeterX fingerprinting firing pre‑consent, and a fraud-detection API creating session fingerprints. The researcher posted findings as a comment on CEO Henry Schuck’s LinkedIn demo of GTM Studio and was blocked minutes later; ZoomInfo has not publicly disputed the technical evidence. For AI/ML and martech teams this matters because pre‑consent behavioral biometrics and fingerprinting can render collected signals legally and ethically problematic. Data used for lead scoring, ABM targeting, attribution and model training may be tainted if it was obtained without lawful basis under GDPR, CCPA or state wiretapping rules; the evidence is discoverable and could create joint‑liability exposure with vendors (Sardine.ai, PerimeterX, IdentityMatrix.ai). The report includes reproduction steps (Incognito, DevTools preserve log, don’t interact with the consent banner) and decoded configs, making the behavior verifiable — a prompt to audit vendor stacks now or risk regulatory, contractual and reputational consequences.