According to a new study, more than 100,000 top websites collect some or all user data when they type it into a digital form.

The report states that many of the sites do not intend to carry out data logging, but integrate third-party marketing and analytics services that cause the behavior.

The research was carried out by researchers from KU Leuven, Radboud University and the University of Lausanne.

The study analyzed the 100,000 main websites and looked at scenarios where a user visits a website while in the EU and a user visits a website while in the U.S. Results showed that 1,844 websites collected an EU user’s email address without his consent, while 2,950 logged a U.S. user’s email in some form.

“If there’s a Submit button on a form, the reasonable expectation is that it does something—that it will submit your data when you click it. We were super surprised by these results. We thought maybe we were going to find a few hundred websites where your email is collected before you submit, but this exceeded our expectations by far,” said Güneş Acar, a professor and researcher in Radboud University’s digital security group and one of the leaders of the study.

The sources for this piece include an article in WIRED.