zlacker

[parent] [thread] 2 comments
1. apple4+(OP)[view] [source] 2018-05-18 21:47:51
That is silly. IP addresses should not be covered. I should be able to keep IPs for years. They change often anyway.

IP addresses being covered is one of my big issues with GDPR.

replies(2): >>jacque+B2 >>shabbl+v5
2. jacque+B2[view] [source] 2018-05-18 22:19:06
>>apple4+(OP)
Then you're going to love HIPAA. That's a US law by the way.
3. shabbl+v5[view] [source] 2018-05-18 22:53:05
>>apple4+(OP)
what value do you get from keeping them for years? Are you actively analysing and re-analysing them for any particular purpose, or is it more of a 'well, you never know...' sort of deal?

"they change often" is arguably a good reason for not keeping them. What advantage do you get from knowing that 10 years ago $IP was sending you spam if it's been though 20 different re-allocations and tens of thousands of 'actual owners' since then?

Imagine if google or cloudflare were logging every since query to their public DNS and correlating it with other access logs or google analytics or whatever. They'd be able to relatively trivially deanonymise huge numbers of actual people's identities and browsing history (beyond what they can obtain already).

[go to top]