|
|
|
|
|
|
by anywhichway
2933 days ago
|
|
|
That doesn't really work because if it isn't PII, then they don't know who it belongs to (not having even your name is a field, or else it would be PII) and can't verify it belongs to you before giving it to you. Like visiting websites while not logged into anything in generating tons of data, but it can't be easily linked back to you. It would be possible to link some of it back to session IDs or other things you could be linked back to your device, but that doesn't show it was you using the device, so they may be releasing data belonging to someone else using your device to you. And that is before we get into possibilities like cookie hijacking or other methods of falsely tying your device to that generated data. |
|
|
The argument here is that the company knows who the data belongs to, and the person above is saying that they shouldn't be able to abstract "you" away from the data and claim it as their own property.. especially because, as we know, most anonymization techniques have serious flaws that in fact do allow individuals to be identified after close scrutinization.