zlacker

[parent] [thread] 2 comments
1. apple4+(OP)[view] [source] 2018-05-18 21:17:39
There is a difference between complying with GPDR and caring about privacy.

I completely and utterly care about privacy, but things like not tracking IP address and allowing people to request removing them are a bridge to far. I can’t comply with that. I treat my customers important PII (names, addresses, etc) very delicately. But the cost of complying GPDR is too must.

replies(2): >>jacque+d5 >>phyzom+kL2
2. jacque+d5[view] [source] 2018-05-18 22:12:42
>>apple4+(OP)
> I completely and utterly care about privacy

and

> allowing people to request removing them are a bridge to far.

Are dissonant. You will have to pick the one or the other but you can't both care about privacy and not allow people to request removal of their data. That should be fairly obvious.

3. phyzom+kL2[view] [source] 2018-05-21 01:25:06
>>apple4+(OP)
GDPR does allow you to record IP addresses in access logs and whatnot. And I'm not so sure people can actually ask you to remove their IP addresses; they'd have to demonstrate use of that IP over the relevant time interval, which is beyond most people. So I think while GDPR requires you to have a good reason to collect IP addresses, it doesn't meaningfully impose an obligation to be able to expunge them in removal requests.
[go to top]