|
|
|
|
|
|
by stiray
1987 days ago
|
|
|
Just a small detail about cryptographic hash: https://gdpr-info.eu/art-4-gdpr/ "‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;" Cryptographic hash of phone number is still uniquely identifying natural person and is by GDPR still under the definition of personal data. The GDPR authors knew what they were doing - or they were lucky although also other parts of GDPR suggest that they had some technical think-tank behind it. Anyway, hashing doesn't solve anything, whatever "obfuscation" is used/invented, as long as information points to "natural person" it is considered personal data. |
|
|