[fjfaase]

I understand that a truncated hash of the MAC address was stored in a database of the company City Traffic and that people investigating the database were able to establish that every night (between 4AM and 5AM) one and the same device was traveling through the city center. They have not been able to identify the person who might be carrying the device. Anyway, the Dutch Data Protection Authority concluded that for the purpose of counting the number of people in the city center it is not allowed to track them according to the Dutch law implementing the GDPR. If City Traffic had just stored the number of unique MAC addresses picked up by one of the ten 'MAC address sniffers' for some time interval, they might not have violated the law.