Hacker News new | past | comments | ask | show | jobs | submit login

You can collect as much data as you like, its what you do with it that counts.



I think the less data you collect the less impact a leak or rogue employee can have.

Imagine if Hacker News would leak its user database. I assume there is not much in there, so the impact would pretty much be non existent.


That depends. If that user database included IP addresses I can see plenty of ways in which it could have major impact.


I mean, you can say that about residentially-stored explosives, too.

This isn't about what one can do, it is about what is prudent. Grindr just learned a lesson about the difference.


Unless you get a leak and people find out and your reputation is ruined.


I don't think your statement holds true in practice. Collecting data that you then don't do anything with, in theory or even in practice, is also something that GDPR penalizes, since there's no need for you to collect it if you claim you don't do anything with it.


Not doing something with the data is also a function, just like Nulls are a value, so yes you are right that collecting the data and not doing anything with it could be viewed negatively when up before data commissioners. Its interesting watching how the IT industry views GDPR and the advice given out by various law firms. You see unlike maths which is pure, language is vague and open to interpretation, the trick is convincing the decision maker ie data commissioner or judge that your interpretation is the correct one and not just an incorrect herd mentality sweeping the IT industry, which you see in the comments posted here and elsewhere.


Right It’s the storing and sharing part that’s a liability.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: