[sheeper]

It's not possible to one-way hash a 32-bit IP address. A hash of a 32-bit value can always be reversed because the search space is so small.

[dorgo]

Store only the first 16 bits of the hash maybe?

[akvadrako]

Google Analytics is supposedly GDPR compliant when they store only the first 3 octets, un-hashed.

However I'm not sure myself it makes sense. Some people will be identified by just a partial IP or even a partial hash.

[lodi]

Who cares if it’s trivially hackable; we’re talking about a legal checkbox that you have to tick.

[sheeper]

A reversable hash "could reasonably be linked" with the plaintext. You can't get around the law on technicalities. Judges are not computers.

[lyxsus1]

> You can't get around the law on technicalities.

Simply out of curiosity, what do you mean by that?

All my life experience and knowledge tells me it's exactly how you get around the law, unless court has its own agenda or strong bias.

[elliekelly]

https://en.wikipedia.org/wiki/I_know_it_when_I_see_it

[TeMPOraL]

I do. People treating privacy protections as "legal checkbox that you have to tick" are the reason regulations like this show up in the first place.