[mfer]

If Slack did this because of her trip to Cuba years ago it means they have kept records of her IP going back years.

This causes me to think about the metadata records they have held onto in addition to all the data.

[Zopieux]

And yet some people are wondering why GDPR has a data retention policy that aims at keeping personal data around for the least amount of time necessary.

Companies should be made accountable for such blatant abuse of user data.

[jordank]

Right, which should also indicate that this trip to Cuba wasn’t part of a pattern but rather an anomaly.

I understand the complex legal frames that this exists in, but they appear to have the data to be way more precise here.

[TeMPOraL]

They may have the data, but they have no incentive to care whether or not their inferences are correct. This is a common problem with ostensibly data-driven companies.

[tzs]

> If Slack did this because of her trip to Cuba years ago it means they have kept records of her IP going back years

Or they did an IP to country lookup back then and kept the result of that rather than keeping the IP.