|
|
|
|
|
|
by deforciant
2204 days ago
|
|
|
Totally agree. Currently working on a public transport system and constantly pushing not to collect names, surnames and other details when it's not absolutely needed (in some cases it needs to know when discounts are involved). So far so good, I hope I wouldn't even need to raise this points.. Company is a good one, no plans to ever sell or monetize data but what if we ever lose the data :) |
|
|
As you say, data can be lost or stolen. But companies also change hands, and it is notoriously hard to prevent it being used for other reasons after acquisition (particularly in the US). Perhaps you can even look at if you actually need names and other details when handling discounts? Could you validate eligibility or do whatever is required, then assign a verified token to it? If it's more complex, a blinded signature might let you attest to a given identity being eligible for a discount, without you being able to look back and check which signature it was. I'm all for finding ways to not store data that isn't strictly necessary.
Everyone calls data the new oil, but I'm over that, and now see it as the new asbestos. It's expensive to have it, expensive to keep it, and expensive to get rid of it (if you do it right)