Ainode Privacy Glossary · Auditor: Tomás Maria Vaz de Noronha
Every TCP / UDP / TLS packet that traverses the network interface during the capture window: source IP, destination IP, port, payload size, protocol, timestamps. With TLS-decryption infrastructure (or unencrypted protocols), you also see the actual payload — what data classes are being sent, in what format, to which exact endpoint. The files are typically opened in Wireshark or Tshark.
A wearable manufacturer's privacy policy is a self-attestation. A PCAP is independent verification. If a vendor says "we only contact our own servers" but the PCAP shows traffic to a third-party analytics platform in a non-EU jurisdiction, the PCAP wins. This is why Ainode's methodology centres on PCAP capture: we publish every audit's underlying packet captures so anyone can verify our findings.
For each audited device we run 72 hours of typical-usage capture across the device + companion app. We extract endpoint flows, identify data classes, and run a 6-dimension privacy scoring. Anyone can request the underlying PCAP for verification. See /methodology for the full procedure and /reviews for the published audit corpus.