|
|
|
|
|
|
by eivarv
1899 days ago
|
|
|
I think you should differentiate between (or use one of) "personal data" and "personally identifiable information" – which are different concepts. A user-token – if consistent and mappable – would, for instance, be "personal data" at least for the service provider for a storage solution such as this. Also, like other "self-sovereign identity" and data hubs, services such as this should be very clear that the only privacy-guarantee it can practically make to its users is regarding authorization of first-party access to data. Outside of that, no technical guarantees can be made (whether we're talking caching for legitimate reasons, or sharing/selling data to partners). |
|
|